[Snyk] Upgrade asana from 0.17.3 to 0.18.4

[snyk-bot]

Snyk has created this PR to upgrade asana from 0.17.3 to 0.18.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 5 months ago, on 2020-04-08.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-LODASH-608086	544/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-LODASH-590103	544/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-AJV-584908	544/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASH-567746	544/1000 Why? Proof of Concept exploit, Recently disclosed, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: asana

• 0.18.4 - 2020-04-08
  

  Adds missing resource objects.

  Upgrades misc. dependencies.

• 0.18.3 - 2020-04-02
  

  Added robust debugging for requests.

  client.dispatcher.debug(true);

• 0.18.2 - 2020-04-02
  

  Fixes an issue with dispatcher parsing options

• 0.18.1 - 2020-04-02
  

  Fixes jenkins build

• 0.18.0 - 2020-02-14
  

  This version converts our client libraries to use the OpenAPI spec. We also switched to a more consistent naming convention. This version keeps the old methods and adds the new methods.

• 0.17.3 - 2019-09-19
  

  Fixes some reverse compatibility issues
  Allows params on the Events endpoint

from asana GitHub release notes

Commit messages

Package name: asana

• 226ea24 Version bump
• 54bee7b Updated travis node version tests
• 5ef492d Upgraded some packages. Fixed missing resource declarations like batchAPI
• 3ddfe28 Version bump
• fa57b8b Adding better debugging to node-asana
• 6c28c41 indexOf did not work
• bf74c79 Version bump
• 042f5ac Change dispatcher to use indexOf instead of 'in'
• 41dc2e9 Version bump
• f0a2e02 removed node 4 from travis
• 8bc0494 Merge branch 'master' of github.com:Asana/node-asana
• 68b788a Fixed tests
• 7476161 Merge pull request #201 from Asana/dependabot/npm_and_yarn/handlebars-4.7.3
• 89faefa Bump handlebars from 4.1.2 to 4.7.3
• e63d8c4 Merge pull request #200 from barslev/master
• 6eede62 Updated bluebird to version 3
• e16c110 Merge pull request #197 from Asana/rossgrambo-openapi-conversion
• 5cb6610 Merge branch 'master' of github.com:Asana/node-asana
• 0eed2fa version bump
• 51d4633 Merge branch 'master' into rossgrambo-openapi-conversion
• a213b50 Removed POST attachments generation
• d726a6f Merge pull request #198 from UnityOfFairfax/patch-1
• 2854732 Update README.md
• e926e46 Updated description for user params

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs