whatsapp-api
whatsapp-api copied to clipboard
chrishubert
[Snyk] Upgrade: axios, whatsapp-web.js
Snyk has created this PR to upgrade multiple dependencies.
👯♂ The following dependencies are linked and will therefore be updated together. :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.| Name | Versions | Released on |
|---|
axiosfrom 1.6.7 to 1.7.7 | 12 versions ahead of your current version | 21 days agoon 2024-08-31 whatsapp-web.jsfrom 1.23.1-alpha.5 to 1.25.0 | 3 versions ahead of your current version | 2 months agoon 2024-07-24
Issues fixed by the recommended upgrade:
| Issue | Score | Exploit Maturity | |
|---|---|---|---|
 |
Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793 |
761 | Proof of Concept |
 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610 |
761 | Proof of Concept |
Release notes
Package name: axios
-
1.7.7 - 2024-08-31
Release notes:
Bug Fixes
- fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#6584) (d198085)
- http: fixed support for IPv6 literal strings in url (#5731) (364993f)
Contributors to this release
-
1.7.6 - 2024-08-30
Release notes:
Bug Fixes
- fetch: fix content length calculation for FormData payload; (#6524) (085f568)
- fetch: optimize signals composing logic; (#6582) (df9889b)
Contributors to this release
-
1.7.5 - 2024-08-23
Release notes:
Bug Fixes
- adapter: fix undefined reference to hasBrowserEnv (#6572) (7004707)
- core: add the missed implementation of AxiosError#status property; (#6573) (6700a8a)
- core: fix
ReferenceError: navigator is not definedfor custom environments; (#6567) (fed1a4b) - fetch: fix credentials handling in Cloudflare workers (#6533) (550d885)
Contributors to this release
-
1.7.4 - 2024-08-13
Release notes:
Bug Fixes
- sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
- sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)
Contributors to this release
-
1.7.3 - 2024-08-01
Release notes:
Bug Fixes
- adapter: fix progress event emitting; (#6518) (e3c76fc)
- fetch: fix withCredentials request config (#6505) (85d4d0e)
- xhr: return original config on errors from XHR adapter (#6515) (8966ee7)
Contributors to this release
-
1.7.2 - 2024-05-21
Release notes:
Bug Fixes
Contributors to this release
-
1.7.1 - 2024-05-20
Release notes:
Bug Fixes
- fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)
Contributors to this release
-
1.7.0 - 2024-05-19
Release notes:
Features
Bug Fixes
Contributors to this release
-
1.7.0-beta.2 - 2024-05-19
Release notes:
Bug Fixes
- fetch: capitalize HTTP method names; (#6395) (ad3174a)
- fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
- fetch: fix headers getting from a stream response; (#6401) (870e0a7)
Contributors to this release
-
1.7.0-beta.1 - 2024-05-07
Release notes:
Bug Fixes
- core/axios: handle un-writable error stack (#6362) (81e0455)
- fetch: fix cases when ReadableStream or Response.body are not available; (#6377) (d1d359d)
- fetch: treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; (#6380) (bb5f9a5)
Contributors to this release
Install
npm i axios@next - 1.7.0-beta.0 - 2024-04-28
- 1.6.8 - 2024-03-15
- 1.6.7 - 2024-01-25
Package name: whatsapp-web.js
-
1.25.0 - 2024-07-24
What's Changed
- Farewell, Webpack! Re-injection, Pairing Code login, and 2.24x jumbofix by @ PurpShell in #2816
Full Changelog: v1.24.0...v1.25.0
-
1.24.0 - 2024-06-09
What's Changed
- feat: control auto-loading of files + fixed method setDisplayName by @ tofers in #2295
- fix:
Message.getInfoby @ alechkos in #2574 - fix:
Polldocs by @ alechkos in #2652 - Fix window.Store.getMsgInfo is not a function by @ shirser121 in #2651
- Add Business Contact Types by @ shirser121 in #2369
- fix:
message_editevent and edit caption in file by @ tofers in #2617 - Change Supported features by @ tuyuribr in #2443
- Fix Cannot read properties of undefined (reading 'mediaStage') in message.js by @ elhumbertoz in #2556
- Fix link preview by @ shirser121 in #2681
- fix: send docs without caption by @ alechkos in #2660
- feat: event
message_ciphertextby @ tofers in #2292 - Reduce supply chain attacks vectors by @ tuyuribr in #2691
- Fix: Wrong import of Contact object by @ shirser121 in #2715
- feat: pin/unpin messages by @ alechkos in #2692
- feat: group mentions + improved user mentions by @ alechkos in #2602
- fix: link retrieval from message by @ alechkos in #2716
- Fix TS compilation error "Statements are not allowed in ambient context" index.d.ts by @ pierrecorsini in #2697
- Fix isOfficialClient by @ PurpShell in #2794
- Upgrade node version by @ tuyuribr in #2129
- style: guide link fix and detailed description by @ qzdark in #2972
- fix: logo link by @ qzdark in #2994
- Fix "group_membership_request" event by @ Bauguelson in #2813
- Add members settings by @ GulgDev in #2788
- Fix: delete lines that remove data from this._data by @ shirser121 in #2958
- feat:
vote_updateevent by @ alechkos in #2596 - Expose Chat's
pinnedproperty in TS by @ Rakambda in #2771 - Make an NPM release via GitHub by @ PurpShell in #2942
New Contributors
- @ pierrecorsini made their first contribution in #2697
- @ qzdark made their first contribution in #2972
- @ Bauguelson made their first contribution in #2813
- @ GulgDev made their first contribution in #2788
Full Changelog: v1.23.0...v1.24.0
-
1.23.1-alpha.6 - 2024-04-30
What's Changed
- Upgrade node version by @ tuyuribr in #2129
- style: guide link fix and detailed description by @ qzdark in #2972
- fix: logo link by @ qzdark in #2994
- Fix "group_membership_request" event by @ Bauguelson in #2813
- Add members settings by @ GulgDev in #2788
- Fix: delete lines that remove data from this._data by @ shirser121 in #2958
- feat:
vote_updateevent by @ alechkos in #2596
New Contributors
- @ qzdark made their first contribution in #2972
- @ Bauguelson made their first contribution in #2813
- @ GulgDev made their first contribution in #2788
Full Changelog: v1.23.1-alpha.5...v1.23.1-alpha.6
-
1.23.1-alpha.5 - 2024-03-01
What's Changed
- Fix TS compilation error "Statements are not allowed in ambient context" index.d.ts by @ pierrecorsini in #2697
- Fix isOfficialClient by @ PurpShell in #2794
New Contributors
- @ pierrecorsini made their first contribution in #2697
Full Changelog: v1.23.1-alpha.4...v1.23.1-alpha.5
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- This PR was automatically created by Snyk using the credentials of a real user.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
@chrishubert hi, please update the version of the whatsapp-web.js library if you have a chance
