[Snyk] Upgrade dotenv from 16.3.2 to 16.4.1
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade dotenv from 16.3.2 to 16.4.1.
- The recommended version is 2 versions ahead of your current version.
- The recommended version was released 22 days ago, on 2024-01-24.
The recommended version fixes:
| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
 |
Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864 |
609/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 8.6 |
Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: dotenv
-
16.4.1 - 2024-01-24
16.4.1
-
16.4.0 - 2024-01-23
16.4.0
-
16.3.2 - 2024-01-19
16.3.2
Commit messages
Package name: dotenv
- e251ee2 16.4.1
- a7fee29 update CHANGELOG 🪵
- 579d136 update README
- 7ea2f81 Merge pull request #798 from motdotla/fix-tests
- 6b829d2 demonstrate currently failing (pending) test. multiple env files should merge
- 3e2284b largely remove mocking from tests except where useful
- 2039c4e wip: fix tests
- 48a6ade Merge pull request #797 from tran-simon/master
- cfd735d fix: support array for path option
- a44cb3d update README
- e8c23e7 update README-es
- 2175331 update README
- ccd6719 update README
- 1259e30 add dotenvx environments example
- 57c46be 16.4.0
- 405bf3f update CHANGELOG 🪵
- b9e729a Merge pull request #781 from ckng0221/deprecation-fix
- 18a5a83 update CHANGELOG
- 58cb202 Merge pull request #784 from motdotla/multiple-files
- 74d8199 Merge pull request #786 from alexv-ds/master
- 55ca625 Merge pull request #795 from motdotla/error-codes
- 8911035 update CHANGELOG
- 93821bb add tests to show .code string
- 7488faa add error.code(s)
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: 