[Snyk] Fix for 1 vulnerabilities

[wasimakh2]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-AXIOS-6144788	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: googleapis

The new version differs by 250 commits.

• 7e3d978 Release v37.0.0 (favico.js update RocketChat/Rocket.Chat#1568)
• ecb2c28 build: check for 404s in the docs (Distinguish Deployment from Development Install RocketChat/Rocket.Chat#1562)
• d49aa49 docs: run the docs command (Unicode regex support RocketChat/Rocket.Chat#1566)
• d1af168 feat: run the generator (Added toAll mentions for yall, everyone, channel, and here RocketChat/Rocket.Chat#1564)
• 9ccda50 chore(deps): update dependency eslint-config-prettier to v4 (Functions rate limiter RocketChat/Rocket.Chat#1565)
• 73f8f9c docs: specify gaxios over axios (Rocket Chat fails to load channels in IE10 RocketChat/Rocket.Chat#1558)
• 7f7f3cf fix(deps): update dependency googleapis-common to ^0.7.0 (Many fixes for RTL RocketChat/Rocket.Chat#1560)
• c62efb1 docs(samples): add people samples for get & create contacts (Too easy to accidentally leave channels RocketChat/Rocket.Chat#1543)
• 2ad63f6 feat: webpack support for all APIs (When User Joins a Call, Mark Them as Busy RocketChat/Rocket.Chat#1554)
• d8ba2ac fix(deps): update googleapis-common and google-auth-library (Add hubot config to docker-compose.yml RocketChat/Rocket.Chat#1556)
• 9742db3 feat: generating webpackable packages (Reset avatar before uploading to prevent caching issues RocketChat/Rocket.Chat#1547)
• e70272c fix(generator): convert method names to camelCase (rocketchat_1 | private group user statistic not found RocketChat/Rocket.Chat#1552)
• 8d9c5d9 docs: fix typo in README.md (Mentioned non-English user names do not get linked RocketChat/Rocket.Chat#1549)
• de464c0 feat: run the generator (Unified channel creation? RocketChat/Rocket.Chat#1541)
• 7e07d11 docs: improve the compute sample in the README (Improvements/performance RocketChat/Rocket.Chat#1537)
• 47056e9 docs(samples): rework the compute list vms sample (Permissions renaming RocketChat/Rocket.Chat#1534)
• 3b612fc fix(test): fix the revoke token test (Secret URL registration. Closes #1507 RocketChat/Rocket.Chat#1532)
• 4115c0f chore(deps): update dependency typedoc to ^0.14.0 ([sandstorm] Cull administrator options RocketChat/Rocket.Chat#1527)
• c61e14d docs: correct the README (FileReader function ignores orientation of images uploaded from mobile. RocketChat/Rocket.Chat#1522)
• 438979a docs: use blogger to demonstrate key authentication (File upload too slow / eating too much resources RocketChat/Rocket.Chat#1519)
• f6edb8e chore: update license file and metadata (Account box customizable items RocketChat/Rocket.Chat#1504)
• 230bb64 chore(build): inject yoshi automation key (Multiple file upload support RocketChat/Rocket.Chat#1503)
• 443662e chore: update nyc and eslint configs (Password reset / recovery is broken RocketChat/Rocket.Chat#1502)
• 413d9ca chore: fix publish.sh permission +x (Update README.md RocketChat/Rocket.Chat#1499)

See the full diff

Package name: twilio

The new version differs by 250 commits.

• 2a51f83 Release 4.19.3
• 90208b3 [Librarian] Regenerated @ 437c39e3f150e78058f5afb3ef0672e89fc59ec0
• 00e852f Release 4.19.2
• 5a3916d [Librarian] Regenerated @ 24dcf52b3ba6769ea21d08329aa544a79742b6c2
• ce0804c chore: Removing Test Related To Deprecated Endpoint - OAuth (Rest API - open access to all users? RocketChat/Rocket.Chat#963)
• 23eca56 chore: twilio help changes (Slack-like Integration with GitHub RocketChat/Rocket.Chat#958)
• a981eb0 chore: Update axios to 1.6 to pull in fix for CVE 2023 45857 (#971)
• e7bbeb1 chore: Removed LTS version (Explain how to set/use Accounts_AvatarStoreType  RocketChat/Rocket.Chat#978)
• 1f6d8eb Release 4.19.1
• 31e0189 [Librarian] Regenerated @ 5eb406c4977c9f6976e6053cb5b581056f541a59
• de63541 Release 4.19.0
• b86e2e0 [Librarian] Regenerated @ 922c1fef02b8c8fbbbe2315aa9b9d1dba49f3fc0
• ed8ad97 chore: upgraded semver versions (Disappearing chats / Chats not being received RocketChat/Rocket.Chat#966)
• 75361b2 chore: added feature request issue template (Removing from favorites with the "X" next to the name doesn't have an effect RocketChat/Rocket.Chat#964)
• a23ee16 Release 4.18.1
• 0ccd7ca [Librarian] Regenerated @ a25fe2e20ee404d8f8642d6e5acceff276916c9e
• 316114b fix: update security method validatessl (Implement automated delivery pipeline (CI / Continuous Integration) RocketChat/Rocket.Chat#961)
• 392fedd Release 4.18.0
• 4af092a [Librarian] Regenerated @ c9ac9b9736431d573d8dec29ad3095eee969cdea
• b39e374 Release 4.17.0
• 8c2edfc [Librarian] Regenerated @ b32d3e1eba2177c81eeca51181f67e618fe86dbe
• 7203ad0 Release 4.16.0
• b4e6952 [Librarian] Regenerated @ 38fb28edc02f73b8635b45a5612c5ae33eab39fe
• 70bc328 Release 4.15.0

See the full diff

Package name: webdav

The new version differs by 250 commits.

• 0925f7f Prepare v5.0.0
• a1f6129 Update changelog for v5
• ae43cc1 Merge pull request Case insensitive username RocketChat/Rocket.Chat#341 from Pytal/fix/parse-leading-zeros
• 3b08bbc fix(parse): Preserve stringified numbers with leading zeros
• 63e0cff Prepare 5.0.0-r4
• 95b7c33 Update fetch - fix browser usage
• 8d96946 Prepare 5.0.0-r3
• 45a4447 Allow providing external HA1 for digest auth (Slash command handler RocketChat/Rocket.Chat#333)
• bc86f14 Bump version, audit deps
• 1ec885f Update changelog
• 1c1fbda Remove cross-fetch reference
• 830336d Fix firefox/web tests
• ea8c2fa Add CI lint/format testss
• 8faa238 Merge pull request Use Meteor.absoluteUrl() to handle being deployed on a virtual-host.com/folder/ RocketChat/Rocket.Chat#335 from perry-mitchell/feat/fetch_library_upgrade
• 65b58b2 Merge pull request meteor breaks of from running RocketChat/Rocket.Chat#334 from skjnldsv/feat/directory-filter-getdirectorycontents
• bd6dcff Fix tests
• eaabed5 Switch fetch library to @ buttercup/fetch
• ae5cac9 feat(getDirectoryContents): allow returning current directory
• e8e61fd Merge pull request Opening sidebar with big latency RocketChat/Rocket.Chat#331 from caribe/patch-1
• 3bf98a6 Update README.md
• 4ca0929 Fix prepublish
• f4403c4 Prepare 5.0.0-r1
• 2e55df0 Remove duplicate comma
• 40dba36 Merge pull request User administration page RocketChat/Rocket.Chat#327 from perry-mitchell/esm

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

[sweep-ai-deprecated]

Apply Sweep Rules to your PR?

• Apply: All new business logic should have corresponding unit tests.
• Apply: Refactor large functions to be more modular.
• Apply: Add docstrings to all functions and file headers.

[guardrails]

⚠️ We detected 3 security issues in this pull request:

Vulnerable Libraries (3)

Severity	Details
High	pkg:npm/webdav@5.0.0 upgrade to: > 5.0.0
High	pkg:npm/twilio@4.19.3 upgrade to: > 4.19.3
N/A	pkg:npm/googleapis@37.0.0 upgrade to: 39.1.0

More info on how to fix Vulnerable Libraries in JavaScript.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.