Skip to content

Update dependency com.vonage:client to v9 #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency com.vonage:client to v9 #4

wants to merge 1 commit into from

Conversation

@mend-for-github-com
Copy link

@mend-for-github-com mend-for-github-com bot commented May 13, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
com.vonage:client dependencies major 7.2.0 -> 9.3.0

By merging this PR, the issue #3 will be automatically resolved and closed:

Severity CVSS Score Vulnerability
High High 7.5 CVE-2025-52999
High High 7.5 WS-2022-0468

Release Notes

Vonage/vonage-java-sdk (com.vonage:client)

v9.3.0

  • Added support for native failover in Messages API

v8.1.0

  • Added various missing fields in Messages API:
    • webhook_version and webhook_url for all outbound messages
    • MMS vCard caption (outbound)
    • MMS image caption (inbound)
    • Whatsapp file name (outbound)
    • Whatsapp context_status and referral (inbound)
    • SMS count_total and network_code (inbound)
    • SMS ttl, encoding_type, content_id and entity_id (outbound)
    • Whatsapp conversation type and ID (status update)
  • Added optional from parameter to Verify v2 SMS workflow
  • Fixed length not being set in VerifyClient.verify overload method
  • Fixed incorrect HTTP method for updating Video Broadcast layout
  • Internal refactoring of Video API implementation

v7.11.1

  • Deprecated SNS client, legacyutils and LoggingUtils
  • Un-deprecated Redact client
  • Published relocation information in artifact metadata

v7.11.0

  • Added verifySignature utility method to Voice and Messages clients
  • Added applicationId(UUID) overload to VonageClient.Builder
  • Added direct call modification methods to VoiceClient
  • Added downloadRecordingRaw and saveRecording methods to VoiceClient
  • Deprecated ModifyCallResponse and VoiceClient.modifyCall
  • Deprecated VoiceClient.downloadRecording and Recording class
  • Internal refactoring of Voice API implementation
  • Bumped com.vonage:jwt version to 1.1.0

v7.10.0

  • Added more locales for Verify v2 and Meetings APIs
  • Added check_url to VerificationResponse to support synchronous Silent Authentication
  • Removed previously deprecated internal classes & methods
  • Internal refactoring of Proactive Connect and Meetings API implementations
  • Bumped Jackson version to 2.15.3
  • Migrated all remaining tests to JUnit 5 and removed dependency on vintage-engine

v7.9.0

  • Added get-full-pricing implementation of Pricing API in AccountClient
  • Added master API key default overloads for secret management in Account API
  • Deprecated public internal request classes in Account API
  • Internal refactoring of Verify v1 and Account API implementations
  • Added /v1 to Meetings API endpoint URL paths
  • Migrated assertions and test dependencies to JUnit 5

v7.8.0

  • Added capability to configure request timeouts (default is 60 seconds)
  • Deprecated custom HTTP client implementation setting
  • Internal refactoring of Numbers, Conversion and Number Insight API implementations

v7.7.0

  • Added Users API implementation
  • Major refactoring of how endpoints are implemented internally
    • SMS, SNS, Redact, Verify v2, Subaccounts, Messages, Application have been refactored
  • Introduced Jsonable and QueryParams in addition to DynamicEndpoint to reduce boilerplate
  • Added missing fields to Application, capabilities and webhooks
  • Removed PageList (replaced by HalPageResponse)
  • Improved documentation for Application API implementation
  • Relaxed UUID validation in VoiceClient

v7.6.0

  • Added Proactive Connect API implementation
  • Added Meetings API implementation
  • Updated Subaccounts name & secret validation logic

v7.5.0

  • Added Subaccounts API implementation
  • Added custom PIN functionality to Verify v1
  • Fixed Silent Auth action URL webhook deserialization issue

v7.4.0

  • Added Verify v2 API implementation
  • Added Advanced Machine Detection to Voice API
  • Fixed VbcEndpoint NCCO
  • Removed dependency on jakarta.xml.bind
  • Made jakarta.servlet an optional dependency
  • Deprecated all methods and classes that use javax.servlet.HttpServletRequest

v7.3.0

  • Viber video message now requires setting duration and file size
  • Numbers API now uses Basic auth in header rather than query params
  • Made jakarta.servlet-api a required dependency (replacing javax.servlet as compileOnly)
  • Use jakarta.xml.bind-api instead of javax.xml.bind
  • Added premium and level fields to Start Talk request
  • Refactored TalkPayload to use Builder pattern
  • Added vbc and app endpoint types for voice calls
  • Fixed incorrect serialisation of random_from_number
  • Added Builder for constructing Call request
  • Added validation for UUIDs, URLs and request objects in VoiceClient
  • Made internal request classes for Voice API package-private
  • Deprecated public-facing usages of CallModifer & ModifyCallPayload
  • Deprecated setters on classes in Voice API in favour of builders / constructors
  • com.vonage.client.voice.WebSocketEndpoint now uses Map for headers
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label May 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

security fix Security fix generated by Mend

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant