From dafb5109f74ec9c94beb257868d3dd06850558db Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 5 Oct 2022 09:08:23 -0700 Subject: [PATCH 1/2] fix: mms-handler/package.json & mms-handler/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 - https://snyk.io/vuln/SNYK-JS-MOMENT-2944238 --- mms-handler/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mms-handler/package.json b/mms-handler/package.json index 549721e..2daa970 100644 --- a/mms-handler/package.json +++ b/mms-handler/package.json @@ -7,7 +7,7 @@ "start": "twilio-run --env" }, "dependencies": { - "twilio": "3.29.2", + "twilio": "3.31.0", "twilio-flex-token-validator": "^1.5.3", "verror": "^1.10.0" }, From 3a24d15594f091fa0a5eb19b30f2905816045f0b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 5 Oct 2022 09:08:24 -0700 Subject: [PATCH 2/2] fix: mms-handler/package.json & mms-handler/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-MOMENT-2440688 - https://snyk.io/vuln/SNYK-JS-MOMENT-2944238 --- mms-handler/package-lock.json | 70 ++++++++++++++--------------------- 1 file changed, 27 insertions(+), 43 deletions(-) diff --git a/mms-handler/package-lock.json b/mms-handler/package-lock.json index 31d7a6b..c90ef7d 100644 --- a/mms-handler/package-lock.json +++ b/mms-handler/package-lock.json @@ -8,7 +8,7 @@ "name": "message-media", "version": "0.0.0", "dependencies": { - "twilio": "3.29.2", + "twilio": "^3.31.0", "twilio-flex-token-validator": "^1.5.3", "verror": "^1.10.0" }, @@ -177,7 +177,6 @@ "version": "1.19.0", "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.0.tgz", "integrity": "sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==", - "dev": true, "dependencies": { "@types/connect": "*", "@types/node": "*" @@ -211,7 +210,6 @@ "version": "3.4.33", "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.33.tgz", "integrity": "sha512-2+FrkXY4zllzTNfJth7jOqEHC+enpLeGslEhpnTAkg21GkRrWV4SsAtqchtT4YS9/nODBU2/ZfsBY2X4J/dX7A==", - "dev": true, "dependencies": { "@types/node": "*" } @@ -235,7 +233,6 @@ "version": "4.17.6", "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.6.tgz", "integrity": "sha512-n/mr9tZI83kd4azlPG5y997C/M4DNABK9yErhFM6hKdym4kkmd9j0vtsJyjFIwfRBxtrxZtAfGZCNRIBMFLK5w==", - "dev": true, "dependencies": { "@types/body-parser": "*", "@types/express-serve-static-core": "*", @@ -247,7 +244,6 @@ "version": "4.17.7", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.7.tgz", "integrity": "sha512-EMgTj/DF9qpgLXyc+Btimg+XoH7A2liE8uKul8qSmMTHCeNYzydDKFdsJskDvw42UsesCnhO63dO0Grbj8J4Dw==", - "dev": true, "dependencies": { "@types/node": "*", "@types/qs": "*", @@ -291,8 +287,7 @@ "node_modules/@types/mime": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.2.tgz", - "integrity": "sha512-4kPlzbljFcsttWEq6aBW0OZe6BDajAmyvr2xknBG92tejQnvdGtT9+kXSZ580DqpxY9qG2xeQVF9Dq0ymUTo5Q==", - "dev": true + "integrity": "sha512-4kPlzbljFcsttWEq6aBW0OZe6BDajAmyvr2xknBG92tejQnvdGtT9+kXSZ580DqpxY9qG2xeQVF9Dq0ymUTo5Q==" }, "node_modules/@types/mime-types": { "version": "2.1.0", @@ -303,20 +298,17 @@ "node_modules/@types/node": { "version": "13.13.12", "resolved": "https://registry.npmjs.org/@types/node/-/node-13.13.12.tgz", - "integrity": "sha512-zWz/8NEPxoXNT9YyF2osqyA9WjssZukYpgI4UYZpOjcyqwIUqWGkcCionaEb9Ki+FULyPyvNFpg/329Kd2/pbw==", - "dev": true + "integrity": "sha512-zWz/8NEPxoXNT9YyF2osqyA9WjssZukYpgI4UYZpOjcyqwIUqWGkcCionaEb9Ki+FULyPyvNFpg/329Kd2/pbw==" }, "node_modules/@types/qs": { "version": "6.9.3", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.3.tgz", - "integrity": "sha512-7s9EQWupR1fTc2pSMtXRQ9w9gLOcrJn+h7HOXw4evxyvVqMi4f+q7d2tnFe3ng3SNHjtK+0EzGMGFUQX4/AQRA==", - "dev": true + "integrity": "sha512-7s9EQWupR1fTc2pSMtXRQ9w9gLOcrJn+h7HOXw4evxyvVqMi4f+q7d2tnFe3ng3SNHjtK+0EzGMGFUQX4/AQRA==" }, "node_modules/@types/range-parser": { "version": "1.2.3", "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.3.tgz", - "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==", - "dev": true + "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==" }, "node_modules/@types/recursive-readdir": { "version": "2.2.0", @@ -352,7 +344,6 @@ "version": "1.13.4", "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.4.tgz", "integrity": "sha512-jTDt0o/YbpNwZbQmE/+2e+lfjJEJJR0I3OFaKQKPWkASkCoW3i6fsUnqudSMcNAfbtmADGu8f4MV4q+GqULmug==", - "dev": true, "dependencies": { "@types/express-serve-static-core": "*", "@types/mime": "*" @@ -2817,9 +2808,9 @@ "dev": true }, "node_modules/moment": { - "version": "2.19.3", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.19.3.tgz", - "integrity": "sha1-vbmdJw1tf9p4zA+6zoVeJ/59pp8=", + "version": "2.29.4", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz", + "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==", "engines": { "node": "*" } @@ -4070,14 +4061,15 @@ "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" }, "node_modules/twilio": { - "version": "3.29.2", - "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.29.2.tgz", - "integrity": "sha512-oTa4o1DlPNbV/n8dWK8ymP0NLwCepU7Hu31W86RjmF5cCACDlFcNaw0+/UHoVIa99L5A93mpBwoayQpAJ2ZOzA==", + "version": "3.31.0", + "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.31.0.tgz", + "integrity": "sha512-/E+WLKhBqMqg+LYaJI6/KAUYBO5boSn9ZFVhzyvOcWflLMcvGF9RdawxIcFjoXJFDygYASBVdmwAi7pe9JVW6w==", "dependencies": { + "@types/express": "^4.16.1", "deprecate": "1.0.0", - "jsonwebtoken": "^8.1.0", + "jsonwebtoken": "^8.5.1", "lodash": "^4.17.11", - "moment": "2.19.3", + "moment": "^2.24.0", "q": "2.0.x", "request": "^2.88.0", "rootpath": "0.1.2", @@ -4681,7 +4673,6 @@ "version": "1.19.0", "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.0.tgz", "integrity": "sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==", - "dev": true, "requires": { "@types/connect": "*", "@types/node": "*" @@ -4715,7 +4706,6 @@ "version": "3.4.33", "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.33.tgz", "integrity": "sha512-2+FrkXY4zllzTNfJth7jOqEHC+enpLeGslEhpnTAkg21GkRrWV4SsAtqchtT4YS9/nODBU2/ZfsBY2X4J/dX7A==", - "dev": true, "requires": { "@types/node": "*" } @@ -4739,7 +4729,6 @@ "version": "4.17.6", "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.6.tgz", "integrity": "sha512-n/mr9tZI83kd4azlPG5y997C/M4DNABK9yErhFM6hKdym4kkmd9j0vtsJyjFIwfRBxtrxZtAfGZCNRIBMFLK5w==", - "dev": true, "requires": { "@types/body-parser": "*", "@types/express-serve-static-core": "*", @@ -4751,7 +4740,6 @@ "version": "4.17.7", "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.7.tgz", "integrity": "sha512-EMgTj/DF9qpgLXyc+Btimg+XoH7A2liE8uKul8qSmMTHCeNYzydDKFdsJskDvw42UsesCnhO63dO0Grbj8J4Dw==", - "dev": true, "requires": { "@types/node": "*", "@types/qs": "*", @@ -4795,8 +4783,7 @@ "@types/mime": { "version": "2.0.2", "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.2.tgz", - "integrity": "sha512-4kPlzbljFcsttWEq6aBW0OZe6BDajAmyvr2xknBG92tejQnvdGtT9+kXSZ580DqpxY9qG2xeQVF9Dq0ymUTo5Q==", - "dev": true + "integrity": "sha512-4kPlzbljFcsttWEq6aBW0OZe6BDajAmyvr2xknBG92tejQnvdGtT9+kXSZ580DqpxY9qG2xeQVF9Dq0ymUTo5Q==" }, "@types/mime-types": { "version": "2.1.0", @@ -4807,20 +4794,17 @@ "@types/node": { "version": "13.13.12", "resolved": "https://registry.npmjs.org/@types/node/-/node-13.13.12.tgz", - "integrity": "sha512-zWz/8NEPxoXNT9YyF2osqyA9WjssZukYpgI4UYZpOjcyqwIUqWGkcCionaEb9Ki+FULyPyvNFpg/329Kd2/pbw==", - "dev": true + "integrity": "sha512-zWz/8NEPxoXNT9YyF2osqyA9WjssZukYpgI4UYZpOjcyqwIUqWGkcCionaEb9Ki+FULyPyvNFpg/329Kd2/pbw==" }, "@types/qs": { "version": "6.9.3", "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.3.tgz", - "integrity": "sha512-7s9EQWupR1fTc2pSMtXRQ9w9gLOcrJn+h7HOXw4evxyvVqMi4f+q7d2tnFe3ng3SNHjtK+0EzGMGFUQX4/AQRA==", - "dev": true + "integrity": "sha512-7s9EQWupR1fTc2pSMtXRQ9w9gLOcrJn+h7HOXw4evxyvVqMi4f+q7d2tnFe3ng3SNHjtK+0EzGMGFUQX4/AQRA==" }, "@types/range-parser": { "version": "1.2.3", "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.3.tgz", - "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==", - "dev": true + "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==" }, "@types/recursive-readdir": { "version": "2.2.0", @@ -4856,7 +4840,6 @@ "version": "1.13.4", "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.4.tgz", "integrity": "sha512-jTDt0o/YbpNwZbQmE/+2e+lfjJEJJR0I3OFaKQKPWkASkCoW3i6fsUnqudSMcNAfbtmADGu8f4MV4q+GqULmug==", - "dev": true, "requires": { "@types/express-serve-static-core": "*", "@types/mime": "*" @@ -6858,9 +6841,9 @@ "dev": true }, "moment": { - "version": "2.19.3", - "resolved": "https://registry.npmjs.org/moment/-/moment-2.19.3.tgz", - "integrity": "sha1-vbmdJw1tf9p4zA+6zoVeJ/59pp8=" + "version": "2.29.4", + "resolved": "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz", + "integrity": "sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w==" }, "ms": { "version": "2.1.2", @@ -7832,14 +7815,15 @@ "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=" }, "twilio": { - "version": "3.29.2", - "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.29.2.tgz", - "integrity": "sha512-oTa4o1DlPNbV/n8dWK8ymP0NLwCepU7Hu31W86RjmF5cCACDlFcNaw0+/UHoVIa99L5A93mpBwoayQpAJ2ZOzA==", + "version": "3.31.0", + "resolved": "https://registry.npmjs.org/twilio/-/twilio-3.31.0.tgz", + "integrity": "sha512-/E+WLKhBqMqg+LYaJI6/KAUYBO5boSn9ZFVhzyvOcWflLMcvGF9RdawxIcFjoXJFDygYASBVdmwAi7pe9JVW6w==", "requires": { + "@types/express": "^4.16.1", "deprecate": "1.0.0", - "jsonwebtoken": "^8.1.0", + "jsonwebtoken": "^8.5.1", "lodash": "^4.17.11", - "moment": "2.19.3", + "moment": "^2.24.0", "q": "2.0.x", "request": "^2.88.0", "rootpath": "0.1.2",