Skip to content

Update dependency com.vonage:client to v7 - autoclosed#27

Closed
mend-for-github-com[bot] wants to merge 1 commit intomainfrom
whitesource-remediate/com.vonage-client-7.x
Closed

Update dependency com.vonage:client to v7 - autoclosed#27
mend-for-github-com[bot] wants to merge 1 commit intomainfrom
whitesource-remediate/com.vonage-client-7.x

Conversation

@mend-for-github-com
Copy link
Copy Markdown

@mend-for-github-com mend-for-github-com Bot commented Sep 16, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
com.vonage:client dependencies major 6.2.07.0.0

By merging this PR, the issue #8 will be automatically resolved and closed:

Severity CVSS Score Vulnerability
Medium Medium 5.3 CVE-2020-13956
Medium Medium 5.3 CVE-2025-48924
Medium Medium 4.8 CVE-2021-29425
Medium Medium 4.3 CVE-2024-47554

Release Notes

Vonage/vonage-java-sdk (com.vonage:client)

v7.0.0

  • Removed SMS Search API
  • Deprecated Redact client
  • Use vonage-jwt-jdk:1.0.2 library instead of nexmo-jwt-jdk:1.0.1
  • Ensure User-Agent is set in request headers
  • Allow alphanumeric characters for SMS and MMS sender fields in Messages API
  • WhatsappRequest sender must now be an E164 number
  • Fixed incorrect restrictions on WhatsappTemplateRequest
    • Policy is now optional
    • Default locale is now en
    • Locale is now an enum rather than String
    • parameters is now List<String>
  • Removed dependency on commons-io and commons-lang3
  • Ensured User-Agent is set in request headers
  • Added Premium text-to-speech flag in TalkAction NCCO
  • Removed support for legacy voiceName parameter
  • Updated SMS error status codes
  • Added support for voice payments using NCCO action
  • Updated NCCO classes
    • Fixed Action deserialization (issue #​373)
    • Permit Object values for WebSocketEndpoint headers
    • Removed varargs headers method in WebSocketEndpoint.Builder
    • Made Builder constructors package-private
    • Added headers field to SipEndpoint
    • Use java.net.URI instead of String for URI fields
  • Updated Number Insight to be consistent with API specification
    • Deprecated IP Address
    • Added missing InsightStatus codes
    • Added documentation to Insight Response fields
    • Moved AdvancedInsight enums to separate files
    • Added real_time_data to AdvancedInsightResponse

v6.5.0

  • Added Messages v1 API implementation
  • Added get-full-pricing endpoint
  • Added Content-Type and Accept headers in requests where applicable
  • Substantial internal refactoring

v6.4.2

  • Added call_uuid to webhook call event.
  • Bumped dependency versions

v6.4.0

  • Adding Random From Number Feature for the Voice API, if set to true, the from number will be randomly selected from the pool of numbers available to the application making the call.
  • adjusting operator used to check json payloads
  • Adding extra parsing for top level Roaming Status in Advanced Number Insights

v6.3.0

  • Added parsing for JSON payloads when reading inbound SMS signatures
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com Bot added the security fix Security fix generated by Mend label Sep 16, 2025
@mend-for-github-com mend-for-github-com Bot changed the title Update dependency com.vonage:client to v7 Update dependency com.vonage:client to v7 - autoclosed May 3, 2026
@mend-for-github-com mend-for-github-com Bot deleted the whitesource-remediate/com.vonage-client-7.x branch May 3, 2026 07:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

security fix Security fix generated by Mend

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants