[Snyk] Upgrade ibm-watson from 4.1.1 to 4.5.4

[snyk-bot]

Snyk has created this PR to upgrade ibm-watson from 4.1.1 to 4.5.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 20 versions ahead of your current version.
• The recommended version was released 2 years ago, on 2019-10-15.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-608086	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-450202	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-567746	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-AXIOS-174505	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: ibm-watson

• 4.5.4 - 2019-10-15
• 4.5.3 - 2019-10-04
• 4.5.2 - 2019-10-04
• 4.5.1 - 2019-09-19
• 4.5.0 - 2019-09-19
• 4.4.0 - 2019-08-20
• 4.3.4 - 2019-08-13
• 4.3.3 - 2019-08-08
• 4.3.2 - 2019-08-07
• 4.3.1 - 2019-08-05
• 4.3.0 - 2019-07-25
• 4.2.6 - 2019-07-23
• 4.2.5 - 2019-07-19
• 4.2.4 - 2019-07-17
• 4.2.3 - 2019-07-17
• 4.2.2 - 2019-07-12
• 4.2.1 - 2019-06-14
• 4.2.0 - 2019-06-10
• 4.1.3 - 2019-05-24
• 4.1.2 - 2019-05-22
• 4.1.1 - 2019-05-13

from ibm-watson GitHub release notes

Commit messages

Package name: ibm-watson

• 1f1e23e chore(release): 4.5.4 [skip-ci]
• 4db6e36 fix(visual-recognition-v3): add dummy filename parameter to `createClassifier` (#985)
• 2ea1e01 chore(release): 4.5.3 [skip-ci]
• 002440c fix(browser): add browser dummy for the `common` module
• accddd8 chore(release): 4.5.2 [skip ci]
• 29d521b build: update dependencies to reduce vulnerabilities
• 812acfc build: move `synk` from `dependencies` to `devDependencies`
• b2df242 build: use v0.3.7 of the core library
• cfce00e chore(release): 4.5.1 [skip ci]
• 4f1679c fix: pass user-defined http(s) agent to websocket methods (#953)
• e400240 chore(release): 4.5.0 [skip ci]
• 789af68 test: update tests for new auth.js format and remove detect faces tests (#964)
• 93eb677 fix: ignore unecessary files for npm releases (#962)
• 3014478 feat: separate strings out of primary SynthesizeStream pipe (#957)
• 86506e3 refactor: remove unused helper function from stt/v1 (#950)
• 02fb8c9 chore: update package-lock.json (#949)
• 0d7e583 docs: fix type in corporate proxy example
• 795b036 docs(icp link): fix anchor link to ICP sections (#937)
• cd648ac refactor: add return type to getSdkHeaders (#936)
• 4fc66c5 chore(release): 4.4.0 [skip ci]
• 132ad09 feat(compare-comply): new model ContractCurrencies added (#935)
• 44b7004 chore(release): 4.3.4 [skip ci]
• bba47a0 fix: disable analytics headers in browser to fix cors issues (#932)
• bdcf9d6 fix: disable analytics headers in browser to fix cors issues

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs