[Snyk] Upgrade: , body-parser, dotenv, ejs, express, ngrok, stripe

[WontonSam]

Snyk has created this PR to upgrade multiple dependencies.

👯‍♂ The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

Name	Versions	Released on

@types/faker
from 4.1.5 to 6.6.8 | 28 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 3 years ago
on 2022-01-18
body-parser
from 1.18.2 to 1.20.2 | 7 versions ahead of your current version | 2 years ago
on 2023-02-22
dotenv
from 4.0.0 to 16.4.5 | 59 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 7 months ago
on 2024-02-20
ejs
from 2.5.7 to 3.1.10 | 19 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 5 months ago
on 2024-04-12
express
from 4.16.2 to 4.19.2 | 13 versions ahead of your current version | 6 months ago
on 2024-03-25
ngrok
from 3.2.7 to 4.3.3 | 17 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 2 years ago
on 2022-08-18
stripe
from 6.28.0 to 16.9.0 | 502 versions ahead of your current version
⚠️ This is a major version upgrade, and may be a breaking change | 24 days ago
on 2024-08-29

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	162	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	162	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	162	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	162	No Known Exploit
	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	162	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	162	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	162	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	162	Proof of Concept
	Arbitrary Code Injection SNYK-JS-EJS-1049328	162	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	162	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	162	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	162	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	162	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	162	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	162	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	162	No Known Exploit

Release notes

Package name: body-parser

• 1.20.2 - 2023-02-22
  
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
• 1.20.1 - 2022-10-06
  
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• 1.20.0 - 2022-04-03
  
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
    • deps: http-errors@2.0.0
• 1.19.2 - 2022-02-16
  
  • deps: bytes@3.1.2
  • deps: qs@6.9.7
    • Fix handling of __proto__ keys
  • deps: raw-body@2.4.3
    • deps: bytes@3.1.2
• 1.19.1 - 2021-12-10
  
  • deps: bytes@3.1.1
  • deps: http-errors@1.8.1
    • deps: inherits@2.0.4
    • deps: toidentifier@1.0.1
    • deps: setprototypeof@1.2.0
  • deps: qs@6.9.6
  • deps: raw-body@2.4.2
    • deps: bytes@3.1.1
    • deps: http-errors@1.8.1
  • deps: safe-buffer@5.2.1
  • deps: type-is@~1.6.18
• 1.19.0 - 2019-04-26
  
  • deps: bytes@3.1.0
    • Add petabyte (pb) support
  • deps: http-errors@1.7.2
    • Set constructor name when possible
    • deps: setprototypeof@1.1.1
    • deps: statuses@'>= 1.5.0 < 2'
  • deps: iconv-lite@0.4.24
    • Added encoding MIK
  • deps: qs@6.7.0
    • Fix parsing array brackets after index
  • deps: raw-body@2.4.0
    • deps: bytes@3.1.0
    • deps: http-errors@1.7.2
    • deps: iconv-lite@0.4.24
  • deps: type-is@~1.6.17
    • deps: mime-types@~2.1.24
    • perf: prevent internal throw on invalid type
• 1.18.3 - 2018-05-14
  
  • Fix stack trace for strict json parse error
  • deps: depd@~1.1.2
    • perf: remove argument reassignment
  • deps: http-errors@~1.6.3
    • deps: depd@~1.1.2
    • deps: setprototypeof@1.1.0
    • deps: statuses@'>= 1.3.1 < 2'
  • deps: iconv-lite@0.4.23
    • Fix loading encoding with year appended
    • Fix deprecation warnings on Node.js 10+
  • deps: qs@6.5.2
  • deps: raw-body@2.3.3
    • deps: http-errors@1.6.3
    • deps: iconv-lite@0.4.23
  • deps: type-is@~1.6.16
    • deps: mime-types@~2.1.18
• 1.18.2 - 2017-09-22
  
  • deps: debug@2.6.9
  • perf: remove argument reassignment

from body-parser GitHub release notes

Package name: dotenv

• 16.4.5 - 2024-02-20
  

  16.4.5

• 16.4.4 - 2024-02-13
  

  16.4.4

• 16.4.3 - 2024-02-12
  

  16.4.3

• 16.4.2 - 2024-02-10
  

  16.4.2

• 16.4.1 - 2024-01-24
  

  16.4.1

• 16.4.0 - 2024-01-23
  

  16.4.0

• 16.3.2 - 2024-01-19
  

  16.3.2

• 16.3.1 - 2023-06-17
  

  16.3.1

• 16.3.0 - 2023-06-16
  

  16.3.0

• 16.2.0 - 2023-06-16
  

  16.2.0

• 16.1.4 - 2023-06-04
• 16.1.3 - 2023-05-31
• 16.1.2 - 2023-05-31
• 16.1.1 - 2023-05-31
• 16.1.0 - 2023-05-30
• 16.1.0-rc2 - 2023-05-21
• 16.1.0-rc1 - 2023-04-07
• 16.0.3 - 2022-09-29
• 16.0.2 - 2022-08-30
• 16.0.1 - 2022-05-10
• 16.0.0 - 2022-02-02
• 15.0.1 - 2022-02-02
• 15.0.0 - 2022-01-31
• 14.3.2 - 2022-01-25
• 14.3.1 - 2022-01-25
• 14.3.0 - 2022-01-24
• 14.2.0 - 2022-01-17
• 14.1.1 - 2022-01-17
• 14.1.0 - 2022-01-17
• 14.0.1 - 2022-01-17
• 14.0.0 - 2022-01-17
• 13.0.1 - 2022-01-16
• 13.0.0 - 2022-01-16
• 12.0.4 - 2022-01-16
• 12.0.3 - 2022-01-15
• 12.0.2 - 2022-01-15
• 12.0.1 - 2022-01-15
• 12.0.0 - 2022-01-14
• 11.0.0 - 2022-01-11
• 10.0.0 - 2021-05-21
• 9.0.2 - 2021-05-10
• 9.0.1 - 2021-05-09
• 9.0.0 - 2021-05-05
• 8.6.0 - 2021-05-05
• 8.5.1 - 2021-05-05
• 8.5.0 - 2021-05-05
• 8.4.0 - 2021-05-05
• 8.3.0 - 2021-05-05
• 8.2.0 - 2019-10-16
• 8.1.0 - 2019-08-18
• 8.0.0 - 2019-05-02
• 7.0.0 - 2019-03-13
• 6.2.0 - 2018-12-05
  

  16.2.0

• 6.2.0-rc1 - 2018-11-01
• 6.2.0-0 - 2018-12-04
• 6.1.0 - 2018-10-08
• 6.0.0 - 2018-06-02
• 5.0.1 - 2018-02-26
• 5.0.0 - 2018-01-29
• 4.0.0 - 2017-01-07

from dotenv GitHub release notes

Package name: ejs

• 3.1.10 - 2024-04-12
  

  Version 3.1.10

• 3.1.9 - 2023-03-12
  

  Version 3.1.9

• 3.1.8 - 2022-05-11
  

  Version 3.1.8

• 3.1.7 - 2022-04-20
  

  Version 3.1.7

• 3.1.6 - 2021-02-06
  

  Version 3.1.6

• 3.1.5 - 2020-08-17
  

  Version 3.1.5

• 3.1.4 - 2020-08-17
• 3.1.3 - 2020-05-17
  

  Version 3.1.3

• 3.1.2 - 2020-04-24
  

  Version 3.1.2

• 3.0.2 - 2020-03-29
  No content.
• 3.0.1 - 2019-11-24
  

  Version 3.0.1

• 2.7.4 - 2019-11-19
• 2.7.3 - 2019-11-19
• 2.7.2 - 2019-11-13
• 2.7.1 - 2019-09-02
• 2.6.2 - 2019-06-15
• 2.6.1 - 2018-05-05
• 2.5.9 - 2018-04-19
• 2.5.8 - 2018-03-26
• 2.5.7 - 2017-07-30

from ejs GitHub release notes

Package name: express

• 4.19.2 - 2024-03-25
• 4.19.1 - 2024-03-20
  

  What's Changed

  • Fix ci after location patch by @ wesleytodd in #5552
  • fixed un-edited version in history.md for 4.19.0 by @ wesleytodd in #5556

  Full Changelog: 4.19.0...4.19.1

• 4.19.0 - 2024-03-20
  

  What's Changed

  • fix typo in release date by @ UlisesGascon in #5527
  • docs: nominating @ wesleytodd to be project captian by @ wesleytodd in #5511
  • docs: loosen TC activity rules by @ wesleytodd in #5510
  • Add note on how to update docs for new release by @ crandmck in #5541
  • Prevent open redirect allow list bypass due to encodeurl
  • Release 4.19.0 by @ wesleytodd in #5551

  New Contributors

  • @ crandmck made their first contribution in #5541

  Full Changelog: 4.18.3...4.19.0

• 4.18.3 - 2024-02-29
  

  Main Changes

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2

  Other Changes

  • Use https: protocol instead of deprecated git: protocol by @ vcsjones in #5032
  • build: Node.js@16.18 and Node.js@18.12 by @ abenhamdine in #5034
  • ci: update actions/checkout to v3 by @ armujahid in #5027
  • test: remove unused function arguments in params by @ raksbisht in #5124
  • Remove unused originalIndex from acceptParams by @ raksbisht in #5119
  • Fixed typos by @ raksbisht in #5117
  • examples: remove unused params by @ raksbisht in #5113
  • fix: parameter str is not described in JSDoc by @ raksbisht in #5130
  • fix: typos in History.md by @ raksbisht in #5131
  • build : add Node.js@19.7 by @ abenhamdine in #5028
  • test: remove unused function arguments in params by @ raksbisht in #5137
  • use random port in test so it won't fail on already listening by @ rluvaton in #5162
  • tests: use cb() instead of done() by @ kristof-low in #5233
  • examples: remove multipart example by @ riddlew in #5195
  • Update support Node.js@18 in the CI by @ UlisesGascon in #5490
  • Fix favicon-related bug in cookie-sessions example by @ DmytroKondrashov in #5414
  • Release 4.18.3 by @ UlisesGascon in #5505

  New Contributors

  • @ vcsjones made their first contribution in #5032
  • @ abenhamdine made their first contribution in #5034
  • @ armujahid made their first contribution in #5027
  • @ raksbisht made their first contribution in #5124
  • @ rluvaton made their first contribution in #5162
  • @ kristof-low made their first contribution in #5233
  • @ riddlew made their first contribution in #5195
  • @ DmytroKondrashov made their first contribution in #5414

  Full Changelog: 4.18.2...4.18.3

• 4.18.2 - 2022-10-08
  
  • Fix regression routing a large stack in a single route
  • deps: body-parser@1.20.1
    • deps: qs@6.11.0
    • perf: remove unnecessary object clone
  • deps: qs@6.11.0
• 4.18.1 - 2022-04-29
  
  • Fix hanging on large stack of sync routes
• 4.18.0 - 2022-04-25
  
  • Add "root" option to res.download
  • Allow options without filename in res.download
  • Deprecate string and non-integer arguments to res.status
  • Fix behavior of null/undefined as maxAge in res.cookie
  • Fix handling very large stacks of sync middleware
  • Ignore Object.prototype values in settings through app.set/app.get
  • Invoke default with same arguments as types in res.format
  • Support proper 205 responses using res.send
  • Use http-errors for res.format error
  • deps: body-parser@1.20.0
    • Fix error message for json parse whitespace in strict
    • Fix internal error when inflated body exceeds limit
    • Prevent loss of async hooks context
    • Prevent hanging when request already read
    • deps: depd@2.0.0
    • deps: http-errors@2.0.0
    • deps: on-finished@2.4.1
    • deps: qs@6.10.3
    • deps: raw-body@2.5.1
  • deps: cookie@0.5.0
    • Add priority option
    • Fix expires option to reject invalid dates
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: finalhandler@1.2.0
    • Remove set content headers that break response
    • deps: on-finished@2.4.1
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
    • Prevent loss of async hooks context
  • deps: qs@6.10.3
  • deps: send@0.18.0
    • Fix emitted 416 error missing headers property
    • Limit the headers removed for 304 response
    • deps: depd@2.0.0
    • deps: destroy@1.2.0
    • deps: http-errors@2.0.0
    • deps: on-finished@2.4.1
    • deps: statuses@2.0.1
  • deps: serve-static@1.15.0
    • deps: send@0.18.0
  • deps: statuses@2.0.1
    • Remove code 306
    • Rename 425 Unordered Collection to standard 425 Too Early
• 4.17.3 - 2022-02-17
  
  • deps: accepts@~1.3.8
    • deps: mime-types@~2.1.34
    • deps: negotiator@0.6.3
  • deps: body-parser@1.19.2
    • deps: bytes@3.1.2
    • deps: qs@6.9.7
    • deps: raw-body@2.4.3
  • deps: cookie@0.4.2
  • deps: qs@6.9.7
    • Fix handling of __proto__ keys
  • pref: remove unnecessary regexp for trust proxy
• 4.17.2 - 2021-12-17
  
  • Fix handling of undefined in res.jsonp
  • Fix handling of undefined when "json escape" is enabled
  • Fix incorrect middleware execution with unanchored RegExps
  • Fix res.jsonp(obj, status) deprecation message
  • Fix typo in res.is JSDoc
  • deps: body-parser@1.19.1
    • deps: bytes@3.1.1
    • deps: http-errors@1.8.1
    • deps: qs@6.9.6
    • deps: raw-body@2.4.2
    • deps: safe-buffer@5.2.1
    • deps: type-is@~1.6.18
  • deps: content-disposition@0.5.4
    • deps: safe-buffer@5.2.1
  • deps: cookie@0.4.1
    • Fix maxAge option to reject invalid values
  • deps: proxy-addr@~2.0.7
    • Use req.socket over deprecated req.connection
    • deps: forwarded@0.2.0
    • deps: ipaddr.js@1.9.1
  • deps: qs@6.9.6
  • deps: safe-buffer@5.2.1
  • deps: send@0.17.2
    • deps: http-errors@1.8.1
    • deps: ms@2.1.3
    • pref: ignore empty http tokens
  • deps: serve-static@1.14.2
    • deps: send@0.17.2
  • deps: setprototypeof@1.2.0
• 4.17.1 - 2019-05-26
• 4.17.0 - 2019-05-17
• 4.16.4 - 2018-10-11
• 4.16.3 - 2018-03-12
• 4.16.2 - 2017-10-10

from express GitHub release notes

Package name: ngrok

• 4.3.3 - 2022-08-18
  

  Release version 4.3.3

• 4.3.2 - 2022-08-16
  

  Release version 4.3.2

• 4.3.1 - 2022-03-05
  

  4.3.1

• 4.3.0 - 2022-01-16
  

  4.3.0

• 4.2.2 - 2021-09-06
• 4.2.1 - 2021-09-06
• 4.2.0 - 2021-09-06
• 4.1.0 - 2021-07-26
  

  4.1.0

• 4.0.1 - 2021-04-05
  

  4.0.1

• 4.0.0 - 2021-03-28
  

  4.0.0

• 4.0.0-beta.4 - 2021-03-18
  

  4.0.0-beta.4

• 4.0.0-beta.3 - 2021-01-17
  

  4.0.0-beta.3

• 4.0.0-beta.2 - 2021-01-17
• 4.0.0-beta.1 - 2021-01-17
• 3.4.1 - 2021-03-14
  

  3.4.1

• 3.4.0 - 2020-12-22
• 3.3.0 - 2020-09-05
• 3.2.7 - 2019-12-12

from ngrok GitHub release notes

Package name: stripe

• 16.9.0 - 2024-08-29
  
  • #2163 Generate SDK for OpenAPI spec version 1230
    • Change AccountLinkCreateParams.collection_options.fields and LineItem.description to be optional
    • Add support for new value hr_oib on enums Checkout.Session.customer_details.tax_ids[].type, Invoice.customer_tax_ids[].type, Tax.Calculation.customer_details.tax_ids[].type, Tax.Transaction.customer_details.tax_ids[].type, and TaxId.type
    • Add support for new value hr_oib on enums CustomerCreateParams.tax_id_data[].type, InvoiceCreatePreviewParams.customer_details.tax_ids[].type, InvoiceUpcomingLinesParams.customer_details.tax_ids[].type, InvoiceUpcomingParams.customer_details.tax_ids[].type, Tax.CalculationCreateParams.customer_details.tax_ids[].type, and TaxIdCreateParams.type
    • Add support for new value issuing_regulatory_reporting on enums File.purpose and FileListParams.purpose
    • Add support for new value issuing_regulatory_reporting on enum FileCreateParams.purpose
    • Change Issuing.Card.shipping.address_validation to be required
    • Add support for status_details on TestHelpers.TestClock

  See the changelog for more details.

• 16.9.0-beta.2 - 2024-08-22
  
  • #2159 Update generated code for beta
    • Add support for mb_way_payments on Account.capabilities, AccountCreateParams.capabilities, and AccountUpdateParams.capabilities
    • Add support for mb_way on Charge.payment_method_details, ConfirmationToken.payment_method_preview, ConfirmationTokenCreateParams.testHelpers.payment_method_data, PaymentIntent.payment_method_options, PaymentIntentConfirmParams.payment_method_data, PaymentIntentConfirmParams.payment_method_options, PaymentIntentCreateParams.payment_method_data, PaymentIntentCreateParams.payment_method_options, PaymentIntentUpdateParams.payment_method_data, PaymentIntentUpdateParams.payment_method_options, PaymentMethodCreateParams, PaymentMethod, SetupIntentConfirmParams.payment_method_data, SetupIntentCreateParams.payment_method_data, and SetupIntentUpdateParams.payment_method_data
    • Add support for new value mb_way on enums ConfirmationTokenCreateParams.testHelpers.payment_method_data.type, PaymentIntentConfirmParams.payment_method_data.type, PaymentIntentCreateParams.payment_method_data.type, PaymentIntentUpdateParams.payment_method_data.type, SetupIntentConfirmParams.payment_method_data.type, SetupIntentCreateParams.payment_method_data.type, and SetupIntentUpdateParams.payment_method_data.type
    • Add support for new value mb_way on enums ConfirmationToken.payment_method_preview.type and PaymentMethod.type
    • Add support for new value mb_way on enums CustomerListPaymentMethodsParams.type, PaymentMethodCreateParams.type, and PaymentMethodListParams.type
    • Remove support for values accepted, partner_rejected, and submitted from enum Dispute.evidence_details.enhanced_eligibility.visa_compelling_evidence_3.status
    • Add support for new value hr_oib on enums OrderCreateParams.tax_details.tax_ids[].type and OrderUpdateParams.tax_details.tax_ids[].type
    • Add support for new value hr_oib on enum Order.tax_details.tax_ids[].type
    • Remove support for phases on QuoteCreateParams and QuoteUpdateParams
    • Remove support for from_schedule on QuoteCreateParams.subscription_data

  See the changelog for more details.

• 16.9.0-beta.1 - 2024-08-15
  
  • #2157 Update generated code for beta
    • Add support for capital_financing_application and capital_financing on AccountSessionCreateParams.components
    • Add support for permissions on Checkout.SessionCreateParams and Checkout.Session
    • Add support for collected_information on Checkout.SessionUpdateParams and Checkout.Session
    • Add support for shipping_options on Checkout.SessionUpdateParams

  See the changelog for more details.

• 16.8.0 - 2024-08-15
  
  • #2155 Update generated code
    • Add support for authorization_code on Charge.payment_method_details.card
    • Add support for wallet on Charge.payment_method_details.card_present, ConfirmationToken.payment_method_preview.card.generated_from.payment_method_details.card_present, ConfirmationToken.payment_method_preview.card_present, PaymentMethod.card.generated_from.payment_method_details.card_present, and PaymentMethod.card_present
    • Add support for mandate_options on PaymentIntent.payment_method_options.bacs_debit, PaymentIntentConfirmParams.payment_method_options.bacs_debit, PaymentIntentCreateParams.payment_method_options.bacs_debit, and PaymentIntentUpdateParams.payment_method_options.bacs_debit
    • Add support for bacs_debit on SetupIntent.payment_method_options, SetupIntentConfirmParams.payment_method_options, SetupIntentCreateParams.payment_method_options, and SetupIntentUpdateParams.payment_method_options
    • Add support for chips on Treasury.OutboundPayment.tracking_details.us_domestic_wire, Treasury.OutboundPaymentUpdateParams.testHelpers.tracking_details.us_domestic_wire, Treasury.OutboundTransfer.tracking_details.us_domestic_wire, and Treasury.OutboundTransferUpdateParams.testHelpers.tracking_details.us_domestic_wire
    • Change type of Treasury.OutboundPayment.tracking_details.us_domestic_wire.imad and Treasury.OutboundTransfer.tracking_details.us_domestic_wire.imad from string to string | null

  See the changelog for more details.

• 16.8.0-beta.1 - 2024-08-12
  
  • #2148 Update generated code for beta
    • Add support for capital_financing_application and capital_financing on AccountSession.components
    • Add support for payto on Checkout.Session.payment_method_options and Checkout.SessionCreateParams.payment_method_options
    • Add support for new value payto on enum Checkout.SessionCreateParams.payment_method_types[]
    • Add support for new value custom on enums Checkout.Session.ui_mode and Checkout.SessionCreateParams.ui_mode
    • ⚠️ Remove support for risk_correlation_id on PaymentIntent.payment_method_options.rechnung, PaymentIntentConfirmParams.payment_method_options.rechnung, PaymentIntentCreateParams.payment_method_options.rechnung, and PaymentIntentUpdateParams.payment_method_options.rechnung
    • Add support for new value payto on enums PaymentLink.payment_method_types[], PaymentLinkCreateParams.payment_method_types[], and PaymentLinkUpdateParams.payment_method_types[]
    • Change QuoteLine.cancel_subscription_schedule to be required

  See the changelog for more details.

• 16.7.0 - 2024-08-09
  
  • #2147 Update generated code
    • Add support for activate, archive, create, deactivate, list, and retrieve methods on resource Billing.Alert
    • Add support for retrieve method on resource Tax.Calculation
    • Add support for new value invalid_mandate_reference_prefix_format on enums Invoice.last_finalization_error.code, PaymentIntent.last_payment_error.code, SetupAttempt.setup_error.code, SetupIntent.last_setup_error.code, and StripeError.code
    • Add support for type on Charge.payment_method_details.card_present.offline, ConfirmationToken.payment_method_preview.card.generated_from.payment_method_details.card_present.offline, PaymentMethod.card.generated_from.payment_method_details.card_present.offline, and SetupAttempt.payment_method_details.card_present.offline
    • Add support for offline on ConfirmationToken.payment_method_preview.card_present and PaymentMethod.card_present
    • Add support for related_customer on Identity.VerificationSessionCreateParams, Identity.VerificationSessionListParams, and Identity.VerificationSession
    • Change InvoiceCreateParams.payment_settings.payment_method_options.card.installments.plan.count, InvoiceCreateParams.payment_settings.payment_method_options.card.installments.plan.interval, InvoiceUpdateParams.payment_settings.payment_method_options.card.installments.plan.count, InvoiceUpdateParams.payment_settings.payment_method_options.card.installments.plan.interval, PaymentIntentConfirmParams.payment_method_options.card.installments.plan.count, PaymentIntentConfirmParams.payment_method_options.card.installments.plan.interval, PaymentIntentCreateParams.payment_method_options.card.installments.plan.count, PaymentIntentCreateParams.payment_method_options.card.installments.plan.interval, PaymentIntentUpdateParams.payment_method_options.card.installments.plan.count, and PaymentIntentUpdateParams.payment_method_options.card.installments.plan.interval to be optional
    • Add support for new value girocard on enums PaymentIntent.payment_method_options.card.network, PaymentIntentConfirmParams.payment_method_options.card.network, PaymentIntentCreateParams.payment_method_options.card.network, PaymentIntentUpdateParams.payment_method_options.card.network, SetupIntent.payment_method_options.card.network, SetupIntentConfirmParams.payment_method_options.card.network, SetupIntentCreateParams.payment_method_options.card.network, SetupIntentUpdateParams.payment_method_options.card.network, Subscription.payment_settings.payment_method_options.card.network, SubscriptionCreateParams.payment_settings.payment_method_options.card.network, and SubscriptionUpdateParams.payment_settings.payment_method_options.card.network
    • Add support for new value financial_addresses.aba.forwarding on enums Treasury.FinancialAccount.active_features[], Treasury.FinancialAccount.pending_features[], and Treasury.FinancialAccount.restricted_features[]

  See the changelog for more details.

• 16.7.0-beta.1 - 2024-08-01
  
  • #2145 Update generated code for beta
    • Add support for attach_payment method on resource Invoice
    • Add support for app_install and app_viewport on AccountSessionCreateParams.components
    • Remove support for partner_rejected_details on Dispute.evidence_details.enhanced_eligibility.visa_compelling_evidence_3
    • Add support for lines_invalid on Quote.status_details.stale.last_reason
    • Add support for new value lines_invalid on enum Quote.status_details.stale.last_reason.type
    • Add support for last_price_migration_error on SubscriptionSchedule and Subscription

  See the changelog for more details.

• 16.6.0 - 2024-08-01
  
  • #2144 Update generated code
    • Add support for new resources Billing.AlertTriggered and Billing.Alert
    • Add support for new value charge_exceeds_transaction_limit on enums Invoice.last_finalization_error.code, PaymentIntent.last_payment_error.code, SetupAttempt.setup_error.code, SetupIntent.last_setup_error.code, and StripeError.code
    • ⚠️ Remove support for authorization_code on Charge.payment_method_details.card. This was accidentally released last week.
    • Add support for new value billing.alert.triggered on enum Event.type
    • Add support for new value billing.alert.triggered on enums WebhookEndpointCreateParams.enabled_events[] and WebhookEndpointUpdateParams.enabled_events[]

  See the changelog for more details.

• 16.6.0-beta.1 - 2024-07-25
  
  • #2137 Update generated code for beta
    • Add support for new resources Billing.AlertTriggered, Billing.Alert, and Tax.Association
    • Add support for activate, archive, create,...

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.