search

topcoderinc / Topcoder-StarterPack_Node-Backend

Topcoder development on the NodeJS build pack is taking place here :-)
16 stars 22 forks source link

[Snyk] Upgrade mailgun-js from 0.7.15 to 0.22.0 #10

Open snyk-bot opened 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade mailgun-js from 0.7.15 to 0.22.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Uninitialized Memory Exposure
npm:http-proxy-agent:20180406		 581/1000
Why? Mature exploit, CVSS 8.2		 Mature
Uninitialized Memory Exposure
npm:https-proxy-agent:20180402		 581/1000
Why? Mature exploit, CVSS 8.2		 Mature
Uninitialized Memory Exposure
npm:ip:20170304		 581/1000
Why? Mature exploit, CVSS 8.2		 No Known Exploit
Man-in-the-Middle (MitM)
SNYK-JS-HTTPSPROXYAGENT-469131		 581/1000
Why? Mature exploit, CVSS 8.2		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
npm:ms:20170412		 581/1000
Why? Mature exploit, CVSS 8.2		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
npm:debug:20170905		 581/1000
Why? Mature exploit, CVSS 8.2		 No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: mailgun-js
  • 0.22.0 - 2018-10-26
  • 0.21.0 - 2018-09-18
  • 0.20.0 - 2018-07-06
  • 0.19.0 - 2018-06-27
  • 0.18.1 - 2018-06-20
  • 0.18.0 - 2018-05-01

    Add special case to support multiple unsubscribes. Fixes #203

  • 0.17.0 - 2018-04-20
    • Update dependencies
    • Add tracking API
    • Remove campaigns API as it does not exist any more
  • 0.16.0 - 2018-02-15
  • 0.15.0 - 2018-02-14
  • 0.14.2 - 2018-01-23
  • 0.14.1 - 2018-01-02
  • 0.14.0 - 2017-12-23
  • 0.13.1 - 2017-08-14
  • 0.13.0 - 2017-08-14
  • 0.12.1 - 2017-08-08
  • 0.12.0 - 2017-07-28
  • 0.11.3 - 2017-07-21
  • 0.11.2 - 2017-05-26
  • 0.11.1 - 2017-05-23
  • 0.10.1 - 2017-04-11
  • 0.9.1 - 2017-03-24
  • 0.9.0 - 2017-03-20
  • 0.8.2 - 2017-02-16
  • 0.8.1 - 2017-01-27
  • 0.8.0 - 2017-01-02
  • 0.7.15 - 2016-12-18
from mailgun-js GitHub release notes
Commit messages
Package name: mailgun-js
  • ba44aef 0.22.0
  • 106420e Add test mode (#225)
  • 294843f Merge pull request #224 from petereitz/address215
  • ba3a9d6 Update README.md
  • 81e0d12 Merge pull request #222 from developedbyme/patch-1
  • 1d02e8b Added note about EU region usage
  • 5550948 Merge pull request #220 from captDaylight/patch-1
  • 8371c5e typo
  • 09c3c43 0.21.0
  • 339ea2a update dependencies
  • 81977d3 Update README.md
  • e59794d Update README.md
  • f8b0e41 0.20.0
  • a707acb Merge pull request #213 from Donky-Network/relax-attachment-validation
  • d43b32e Relaxed validation around stream attachments, allowing a filename to be specified
  • 8b78344 0.19.0
  • b880f5a update deps. Fixes #210
  • 0463a15 Merge pull request #211 from aaronosher/patch-1
  • 0594ddd Update schema.js
  • 373a858 0.18.1
  • 73d48a4 Merge pull request #209 from getconversio/hotfix/smtp-password
  • f348f4f Remove smtp password requirement
  • e594a1a 0.18.0
  • f2db0e4 Add special case to support multiple unsubscribes. Fixes #203
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

šŸ§ View latest project report

šŸ›  Adjust upgrade PR settings

šŸ”• Ignore this dependency or unsubscribe from future upgrade PRs