stanleyowen / otlio

An open source project of Todo which is easy to use and easy to organize!
https://otlio.netlify.app
MIT License
23 stars 4 forks source link

[Snyk] Upgrade dotenv from 16.0.3 to 16.4.5 #436

Open stanleyowen opened 4 months ago

stanleyowen commented 4 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dotenv from 16.0.3 to 16.4.5.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **17 versions** ahead of your current version.
- The recommended version was released **22 days ago**, on 2024-02-20.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|:-------------------------:|:-------------------------|-------------------------|:-------------------------|
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ADOBECSSTOOLS-6096077](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-6096077) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit |
| | Prototype Pollution [SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Incomplete List of Disallowed Inputs [SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Improper Input Validation [SNYK-JS-FOLLOWREDIRECTS-6141137](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS) [SNYK-JS-ADOBECSSTOOLS-5871286](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-5871286) | **482/1000** **Why?** Proof of Concept exploit, CVSS 7.5 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: dotenv
  • 16.4.5 - 2024-02-20
  • 16.4.4 - [2024-02-13](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.4.4)
  • 16.4.3 - [2024-02-12](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.4.3)
  • 16.4.2 - [2024-02-10](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.4.2)
  • 16.4.1 - [2024-01-24](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.4.1)
  • 16.4.0 - [2024-01-23](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.4.0)
  • 16.3.2 - [2024-01-19](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.3.2)
  • 16.3.1 - [2023-06-17](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.3.1)
  • 16.3.0 - [2023-06-16](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.3.0)
  • 16.2.0 - [2023-06-16](https://snyk.io/redirect/github/motdotla/dotenv/releases/tag/v16.2.0)
  • 16.1.4 - 2023-06-04
  • 16.1.3 - 2023-05-31
  • 16.1.2 - 2023-05-31
  • 16.1.1 - 2023-05-31
  • 16.1.0 - 2023-05-30
  • 16.1.0-rc2 - 2023-05-21
  • 16.1.0-rc1 - 2023-04-07
  • 16.0.3 - 2022-09-29

from [dotenv GitHub release notes](https://snyk.io/redirect/github/motdotla/dotenv/releases)

Commit messages
Package name: dotenv
  • 9f3e833 16.4.5
  • 6924177 Merge pull request #814 from motdotla/dont-check-existance
  • 3533420 changelog 🪵
  • 249e5a6 adjust logic to support tests
  • 87fd887 do not check if exists
  • 1146910 rename .env-multiline to .env.multiline
  • d03e397 16.4.4
  • 3275a0a changelog 🪵
  • f40a8c3 Merge pull request #812 from motdotla/patch-12
  • 1dc22d3 replace 14 chaining operator
  • 9f1999c add 12 showing issue
  • 06fd9bb update README
  • 91bb2d8 Merge pull request #809 from motdotla/additional-tests
  • 5057a81 add test showing .env.vault decryption still works with multi-files to options.path
  • 6581b54 16.4.3
  • 1cf05e3 Merge pull request #808 from motdotla/changelog
  • f44c0be no 22 support yet
  • a992c3e remove eol node 12 and add node 22
  • 232a29f package-lock update
  • e8e2c99 changelog 🪵
  • fe5ac4d Merge pull request #805 from thanosd/bug/fix-merge-multiple-files
  • 5ae3ed2 Updating to always use `override` flag
  • f6e87eb Merge pull request #807 from motdotla/codecov
  • 5fd07f7 add badge

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

netlify[bot] commented 4 months ago

Deploy Preview for otlio ready!

| Name | Link |
|:--|:--|
| Latest commit | 43cb01029ba1b4d103d2bc849a7b7bc395f1c344 |
| Latest deploy log | https://app.netlify.com/sites/otlio/deploys/65f0ab1f3306dd000801b771 |
| Deploy Preview | https://deploy-preview-436--otlio.netlify.app |
Lighthouse
1 paths audited
Performance: 66 (🔴 down 1 from production)
Accessibility: 97 (🟢 up 3 from production)
Best Practices: 92 (🟢 up 9 from production)
SEO: 97 (no change from production)
PWA: 70 (no change from production)
View the detailed breakdown and full score reports

To edit notification comments on pull requests, go to your Netlify site configuration.