Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade stripe from 12.18.0 to 17.2.0 #125

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

[Snyk] Upgrade stripe from 12.18.0 to 17.2.0 #125

wants to merge 1 commit into from

Conversation

WontonSam
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade stripe from 12.18.0 to 17.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

  • The recommended version is 122 versions ahead of your current version.

  • The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
medium severity Cross-site Scripting (XSS)
SNYK-JS-COOKIE-8163060		 44 No Known Exploit
Release notes
Package name: stripe
  • 17.2.0 - 2024-10-09
    • #2201 Add fetchRelatedObject to V2 Events if needed
      • fetchRelatedObject is added to events retrieved using stripe.v2.core.events and can be used to easily fetch the Stripe object related to a retrieved event

    See the changelog for more details.

  • 17.2.0-beta.2 - 2024-10-08
    • #2180 Update generated code for beta
      • Add support for submit_card test helper method on resource Issuing.Card
      • Add support for groups on AccountCreateParams, AccountUpdateParams, and Account
      • Add support for disable_stripe_user_authentication on AccountSession.components.account_management.features, AccountSession.components.account_onboarding.features, AccountSession.components.balances.features, AccountSession.components.notification_banner.features, AccountSession.components.payouts.features, AccountSessionCreateParams.components.account_management.features, AccountSessionCreateParams.components.account_onboarding.features, AccountSessionCreateParams.components.balances.features, AccountSessionCreateParams.components.financial_account.features, AccountSessionCreateParams.components.notification_banner.features, and AccountSessionCreateParams.components.payouts.features
      • Add support for card_spend_dispute_management and spend_control_management on AccountSessionCreateParams.components.issuing_cards_list.features
      • Add support for new value payout_statement_descriptor_profanity on enums Invoice.last_finalization_error.code, PaymentIntent.last_payment_error.code, SetupAttempt.setup_error.code, SetupIntent.last_setup_error.code, and StripeError.code
      • Add support for kakao_pay and kr_card on Charge.payment_method_details, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, Mandate.payment_method_details, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodCreateParams, PaymentMethod, SetupAttempt.payment_method_details, SetupIntentConfirmParams.payment_method_data, SetupIntentCreateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_data
      • Add support for naver_pay on Charge.payment_method_details, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodCreateParams, PaymentMethodUpdateParams, PaymentMethod, SetupIntentConfirmParams.payment_method_data, SetupIntentCreateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_data
      • Add support for payco and samsung_pay on Charge.payment_method_details, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodCreateParams, PaymentMethod, SetupIntentConfirmParams.payment_method_data, SetupIntentCreateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_data
      • Add support for new values kakao_pay, kr_card, naver_pay, payco, and samsung_pay on enums Checkout.SessionCreateParams.payment_method_types[], CustomerListPaymentMethodsParams.type, PaymentMethodCreateParams.type, and PaymentMethodListParams.type
      • Add support for new values by_tin, ma_vat, md_vat, tz_vat, uz_tin, and uz_vat on enums Checkout.Session.collected_information.tax_ids[].type, Checkout.Session.customer_details.tax_ids[].type, Invoice.customer_tax_ids[].type, Order.tax_details.tax_ids[].type, Tax.Calculation.customer_details.tax_ids[].type, Tax.Transaction.customer_details.tax_ids[].type, and TaxId.type
      • Add support for new values kakao_pay, kr_card, naver_pay, payco, and samsung_pay on enums ConfirmationTokenCreateParams.testHelpers.payment_method_data.type, PaymentIntentConfirmParams.payment_method_data.type, PaymentIntentCreateParams.payment_method_data.type, PaymentIntentUpdateParams.payment_method_data.type, SetupIntentConfirmParams.payment_method_data.type, SetupIntentCreateParams.payment_method_data.type, and SetupIntentUpdateParams.payment_method_data.type
      • Add support for new values kakao_pay, kr_card, naver_pay, payco, and samsung_pay on enums ConfirmationToken.payment_method_preview.type and PaymentMethod.type
      • Add support for new values by_tin, ma_vat, md_vat, tz_vat, uz_tin, and uz_vat on enums CustomerCreateParams.tax_id_data[].type, InvoiceCreatePreviewParams.customer_details.tax_ids[].type, InvoiceUpcomingLinesParams.customer_details.tax_ids[].type, InvoiceUpcomingParams.customer_details.tax_ids[].type, OrderCreateParams.tax_details.tax_ids[].type, OrderUpdateParams.tax_details.tax_ids[].type, Tax.CalculationCreateParams.customer_details.tax_ids[].type, and TaxIdCreateParams.type
      • Add support for new value refund.failed on enum Event.type
      • Add support for metadata on Forwarding.Request
      • Add support for new value retail_delivery_fee on enums InvoiceAddLinesParams.lines[].tax_amounts[].tax_rate_data.tax_type, InvoiceUpdateLinesParams.lines[].tax_amounts[].tax_rate_data.tax_type, Tax.Calculation.shipping_cost.tax_breakdown[].tax_rate_details.tax_type, Tax.Calculation.tax_breakdown[].tax_rate_details.tax_type, Tax.CalculationLineItem.tax_breakdown[].tax_rate_details.tax_type, Tax.Transaction.shipping_cost.tax_breakdown[].tax_rate_details.tax_type, TaxRate.tax_type, TaxRateCreateParams.tax_type, and TaxRateUpdateParams.tax_type
      • Add support for new value expired on enums Issuing.Authorization.status and Issuing.AuthorizationListParams.status
      • Add support for line_items on Order.payment.settings.payment_method_options.paypal, OrderCreateParams.payment.settings.payment_method_options.paypal, OrderUpdateParams.payment.settings.payment_method_options.paypal, PaymentIntent.payment_method_options.paypal, PaymentIntentConfirmParams.payment_method_options.paypal, PaymentIntentCreateParams.payment_method_options.paypal, and PaymentIntentUpdateParams.payment_method_options.paypal
      • Add support for flat_amount and rate_type on Tax.Calculation.tax_breakdown[].tax_rate_details and TaxRate
      • Add support for by, cr, ec, ma, md, rs, ru, tz, and uz on Tax.Registration.country_options and Tax.RegistrationCreateParams.country_options
      • Add support for new value state_retail_delivery_fee on enums Tax.Registration.country_options.us.type and Tax.RegistrationCreateParams.country_options.us.type
      • Add support for new value refund.failed on enums WebhookEndpointCreateParams.enabled_events[] and WebhookEndpointUpdateParams.enabled_events[]
    • #2203 Merge into beta using the merge script

    See the changelog for more details.

  • 17.2.0-beta.1 - 2024-10-03
    • #2200 Updates beta branch with changes in master
      • Add support for reporting_chart on AccountSessionCreateParams.components
      • Remove support for from_schedule on Quote.subscription_data
      • Add support for allow_redisplay on Terminal.ReaderCollectPaymentMethodParams.collect_config

    See the changelog for more details.

  • 17.1.0 - 2024-10-03
    • #2199 Update generated code
      • Remove the support for resource Margin that was accidentally made public in the last release

    See the changelog for more details.

  • 17.0.0 - 2024-10-01

    • #2192 Support for APIs in the new API version 2024-09-30.acacia

      This release changes the pinned API version to 2024-09-30.acacia. Please read the API Upgrade Guide and carefully review the API changes before upgrading.

      ⚠️ Breaking changes due to changes in the Stripe API

      • Rename usage_threshold_config to usage_threshold on Billing.AlertCreateParams and Billing.Alert
      • Remove support for filter on Billing.AlertCreateParams and Billing.Alert. Use the filters on the usage_threshold instead
      • Remove support for customer_consent_collected on Terminal.ReaderProcessSetupIntentParams.

      ⚠️ Other Breaking changes in the SDK

      • Adjusted default values around reties for HTTP requests. You can use the old defaults by setting them explicitly. New values are:
        • max retries: 1 -> 2
        • max timeout (seconds): 2 -> 5

      Additions

      • Add support for custom_unit_amount on ProductCreateParams.default_price_data
      • Add support for allow_redisplay on Terminal.ReaderProcessPaymentIntentParams.process_config and Terminal.ReaderProcessSetupIntentParams
      • Add support for new value international_transaction on enum Treasury.ReceivedCredit.failure_code
      • Add support for new value 2024-09-30.acacia on enum WebhookEndpointCreateParams.api_version
      • Add support for new Usage Billing APIs Billing.MeterEvent, Billing.MeterEventAdjustments, Billing.MeterEventSession, Billing.MeterEventStream and the new Events API Core.Events in the v2 namespace
      • Add method parseThinEvent() on the Stripe class to parse thin events.
      • Add method rawRequest() on the Stripe class that takes a HTTP method type, url and relevant parameters to make requests to the Stripe API that are not yet supported in the SDK.

      Changes

      • Change BillingPortal.ConfigurationCreateParams.features.subscription_update.default_allowed_updates and BillingPortal.ConfigurationCreateParams.features.subscription_update.products to be optional

    See the changelog for more details.

  • 16.13.0-beta.1 - 2024-09-18
    • #2178 Update generated code for beta
      • Remove support for resource QuotePhase
      • Remove support for list_line_items and retrieve methods on resource QuotePhase
      • Add support for send_money and transfer_balance on AccountSessionCreateParams.components.financial_account.features
      • Add support for new value rechnung on enums PaymentLink.payment_method_types[], PaymentLinkCreateParams.payment_method_types[], and PaymentLinkUpdateParams.payment_method_types[]
      • Change Quote.subscription_data_overrides[].end_behavior to be optional

    See the changelog for more details.

  • 16.12.0 - 2024-09-18
    • #2177 Update generated code
      • Add support for new value international_transaction on enum Treasury.ReceivedDebit.failure_code
    • #2175 Update generated code
      • Add support for new value verification_supportability on enums Account.future_requirements.errors[].code, Account.requirements.errors[].code, BankAccount.future_requirements.errors[].code, and BankAccount.requirements.errors[].code
      • Add support for new value terminal_reader_invalid_location_for_activation on enums Invoice.last_finalization_error.code, PaymentIntent.last_payment_error.code, SetupAttempt.setup_error.code, SetupIntent.last_setup_error.code, and StripeError.code
      • Add support for payer_details on Charge.payment_method_details.klarna
      • Add support for amazon_pay on Dispute.payment_method_details
      • Add support for new value amazon_pay on enum Dispute.payment_method_details.type
      • Add support for automatically_finalizes_at on Invoice
      • Add support for state_sales_tax on Tax.Registration.country_options.us and Tax.RegistrationCreateParams.country_options.us

    See the changelog for more details.

  • 16.12.0-beta.1 - 2024-09-13
    • #2170 Update generated code for beta
      • Add support for new resources Issuing.DisputeSettlementDetail and Issuing.Settlement
      • Add support for list and retrieve methods on resource DisputeSettlementDetail
      • Remove support for list method on resource QuotePhase
      • Add support for new value rechnung on enum Checkout.SessionCreateParams.payment_method_types[]
      • Add support for new values issuing_dispute_settlement_detail.created, issuing_dispute_settlement_detail.updated, issuing_settlement.created, and issuing_settlement.updated on enum Event.type
      • Add support for settlement on Issuing.TransactionListParams and Issuing.Transaction
      • Add support for new values issuing_dispute_settlement_detail.created, issuing_dispute_settlement_detail.updated, issuing_settlement.created, and issuing_settlement.updated on enums WebhookEndpointCreateParams.enabled_events[] and WebhookEndpointUpdateParams.enabled_events[]

    See the changelog for more details.

  • 16.11.0 - 2024-09-12
    • #2171 Update generated code
      • Add support for new resource InvoiceRenderingTemplate
      • Add support for archive, list, retrieve, and unarchive methods on resource InvoiceRenderingTemplate
      • Add support for required on Checkout.Session.tax_id_collection, Checkout.SessionCreateParams.tax_id_collection, PaymentLink.tax_id_collection, PaymentLinkCreateParams.tax_id_collection, and PaymentLinkUpdateParams.tax_id_collection
      • Add support for template on Customer.invoice_settings.rendering_options, CustomerCreateParams.invoice_settings.rendering_options, CustomerUpdateParams.invoice_settings.rendering_options, Invoice.rendering, InvoiceCreateParams.rendering, and InvoiceUpdateParams.rendering
      • Add support for template_version on Invoice.rendering, InvoiceCreateParams.rendering, and InvoiceUpdateParams.rendering
      • Add support for new value submitted on enum Issuing.Card.shipping.status
      • Change TestHelpers.TestClock.status_details to be required
    • #2172 Null out empty data sent to GET/DELETE APIs

    See the changelog for more details.

  • 16.11.0-beta.1 - 2024-09-05
    • #2162 Update generated code for beta
      • Add support for new resources Billing.MeterErrorReport and Terminal.ReaderCollectedData
      • Add support for retrieve method on resource ReaderCollectedData
      • Add support for recipients on AccountSessionCreateParams.components
      • Add support for new value terminal_reader_collected_data_invalid on enums Invoice.last_finalization_error.code, PaymentIntent.last_payment_error.code, SetupAttempt.setup_error.code, SetupIntent.last_setup_error.code, and StripeError.code
      • Add support for new value mb_way on enum Checkout.SessionCreateParams.payment_method_types[]
      • Add support for business_name, email, phone, and tax_ids on Checkout.Session.collected_information
      • Add support for new value billing.meter_error_report.triggered on enum Event.type
      • Add support for regulatory_reporting_file on Issuing.CreditUnderwritingRecordCorrectParams, Issuing.CreditUnderwritingRecordCreateFromProactiveReviewParams, Issuing.CreditUnderwritingRecordReportDecisionParams, and Issuing.CreditUnderwritingRecord
      • Add support for new value mb_way on enums PaymentLink.payment_method_types[], PaymentLinkCreateParams.payment_method_types[], and PaymentLinkUpdateParams.payment_method_types[]
      • Remove support for rechnung on PaymentMethodUpdateParams
      • Add support for new value billing.meter_error_report.triggered on enums WebhookEndpointCreateParams.enabled_events[] and WebhookEndpointUpdateParams.enabled_events[]

    See the changelog for more details.

  • 16.10.0 - 2024-09-05
  • 16.9.0 - 2024-08-29
  • 16.9.0-beta.2 - 2024-08-22
  • 16.9.0-beta.1 - 2024-08-15
  • 16.8.0 - 2024-08-15
  • 16.8.0-beta.1 - 2024-08-12
  • 16.7.0 - 2024-08-09
  • 16.7.0-beta.1 - 2024-08-01
  • 16.6.0 - 2024-08-01
  • 16.6.0-beta.1 - 2024-07-25
  • 16.5.0 - 2024-07-25
  • 16.4.0 - 2024-07-23
  • 16.4.0-beta.1 - 2024-07-11
  • 16.3.0-beta.1 - 2024-07-05
  • 16.2.0 - 2024-07-05
  • 16.2.0-beta.1 - 2024-06-27
  • 16.1.0 - 2024-06-27
  • 16.0.0 - 2024-06-24
  • 15.12.0 - 2024-06-17
  • 15.12.0-beta.1 - 2024-06-13
  • 15.11.0 - 2024-06-13
  • 15.11.0-beta.1 - 2024-06-06
  • 15.10.0 - 2024-06-06
  • 15.10.0-beta.1 - 2024-05-30
  • 15.9.0 - 2024-06-03
  • 15.8.0 - 2024-05-23
  • 15.7.0 - 2024-05-16
  • 15.7.0-beta.1 - 2024-05-09
  • 15.6.0 - 2024-05-09
  • 15.6.0-beta.1 - 2024-05-02
  • 15.5.0 - 2024-05-02
  • 15.5.0-beta.1 - 2024-04-25
  • 15.4.0 - 2024-04-25
  • 15.4.0-beta.1 - 2024-04-18
  • 15.3.0 - 2024-04-18
  • 15.2.0 - 2024-04-16
  • 15.2.0-beta.1 - 2024-04-12
  • 15.1.0 - 2024-04-11
  • 15.0.0 - 2024-04-10
  • 14.25.0 - 2024-04-09
  • 14.25.0-beta.1 - 2024-04-04
  • 14.24.0 - 2024-04-04
  • 14.24.0-beta.1 - 2024-03-28
  • 14.23.0 - 2024-03-28
  • 14.23.0-beta.1 - 2024-03-21
  • 14.22.0 - 2024-03-21
  • 14.22.0-beta.1 - 2024-03-14
  • 14.21.0 - 2024-03-14
  • 14.21.0-beta.1 - 2024-03-08
  • 14.20.0 - 2024-03-07
  • 14.20.0-beta.1 - 2024-02-29
  • 14.19.0 - 2024-02-29
  • 14.19.0-beta.1 - 2024-02-22
  • 14.18.0 - 2024-02-22
  • 14.18.0-beta.1 - 2024-02-16
  • 14.17.0 - 2024-02-16
  • 14.17.0-beta.1 - 2024-02-08
  • 14.16.0 - 2024-02-08
  • 14.15.0 - 2024-02-05
  • 14.15.0-beta.2 - 2024-02-02
  • 14.15.0-beta.1 - 2024-01-25
  • 14.14.0 - 2024-01-25
  • 14.14.0-beta.1 - 2024-01-18
  • 14.13.0 - 2024-01-18
  • 14.13.0-beta.1 - 2024-01-12
  • 14.12.0 - 2024-01-12
  • 14.12.0-beta.1 - 2024-01-04
  • 14.11.0 - 2024-01-04
  • 14.11.0-beta.1 - 2023-12-22
  • 14.10.0 - 2023-12-22
  • 14.10.0-beta.1 - 2023-12-15
  • 14.9.0 - 2023-12-14
  • 14.9.0-beta.1 - 2023-12-08
  • 14.8.0 - 2023-12-07
  • 14.8.0-beta.1 - 2023-11-30
  • 14.7.0 - 2023-11-30
  • 14.7.0-beta.2 - 2023-11-27
  • 14.7.0-beta.1 - 2023-11-21
  • 14.6.0 - 2023-11-30
  • 14.6.0-beta.1 - 2023-11-17
  • 14.5.0 - 2023-11-17
  • 14.5.0-beta.1 - 2023-11-10
  • 14.4.0 - 2023-11-09
  • 14.4.0-beta.1 - 2023-11-02
  • 14.3.0 - 2023-11-02
  • 14.3.0-beta.1 - 2023-10-26
  • 14.2.0 - 2023-10-26
  • 14.2.0-beta.1 - 2023-10-17
  • 14.1.0 - 2023-10-17
  • 14.0.0 - 2023-10-16
  • 13.12.0-beta.1 - 2023-10-16
  • 13.11.0 - 2023-10-16
  • 13.11.0-beta.1 - 2023-10-11
  • 13.10.0 - 2023-10-11
  • 13.10.0-beta.1 - 2023-10-05
  • 13.9.0 - 2023-10-05
  • 13.9.0-beta.1 - 2023-09-29
  • 13.8.0 - 2023-09-28
  • 13.8.0-beta.1 - 2023-09-21
  • 13.7.0 - 2023-09-21
  • 13.7.0-beta.1 - 2023-09-15
  • 13.6.0 - 2023-09-15
  • 13.6.0-beta.1 - 2023-09-07
  • 13.5.0 - 2023-09-07
  • 13.5.0-beta.1 - 2023-09-01
  • 13.4.0 - 2023-08-31
  • 13.3.0 - 2023-08-24
  • 13.2.0 - 2023-08-17
  • 13.1.0 - 2023-08-17
  • 13.0.0 - 2023-08-16
  • 13.0.0-beta.1 - 2023-08-24
  • 12.19.0-beta.1 - 2023-08-11
  • 12.18.0 - 2023-08-11
from stripe GitHub release notes

Important

  • Warning: This PR contains a major version upgrade, and may be a breaking change.
  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
feat: upgrade stripe from 12.18.0 to 17.2.0
2d1545e 
Snyk has created this PR to upgrade stripe from 12.18.0 to 17.2.0.

See this package in npm:
stripe

See this project in Snyk:
https://app.snyk.io/org/cachiman/project/1cffde28-29cd-4f57-8d02-3b3dfad72aae?utm_source=github&utm_medium=referral&page=upgrade-pr
@google-cla Google CLA
Copy link

google-cla bot commented Oct 31, 2024

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WontonSam @snyk-bot