[Snyk] Security upgrade cloudevents from 3.2.0 to 4.0.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • examples/express-ex/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	616/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.9	Server-Side Request Forgery (SSRF) SNYK-JS-AXIOS-1038255	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: cloudevents

The new version differs by 36 commits.

• 97cf2f7 chore: release 4.0.0 (chore: release 4.0.0 #368)
• d656362 build(deps): bump highlight.js from 10.3.2 to 10.4.1 (build(deps): bump highlight.js from 10.3.2 to 10.4.1 #372)
• 79296a8 chore: add a transition guide. fixes Transition doc for deprecated API's #360 (Deprecated API transition guide. #363)
• 9f86cfd fix: improve error messages when validating extensions
• 132f052 fix: package.json & package-lock.json to reduce vulnerabilities
• 6adb578 ci: disable @ typescript-eslint/no-explicit-any linter rule
• 43d9e01 feat: allow ensureDelivery to be able to ensure delivery on emit
• d418a50 ci: add unit test for emitter
• bda8581 docs: add Emitter logic example
• 25f9c48 feat: add EventEmitter to Emitter and singleton paradigm
• 875f700 feat!: Remove All API's that are labeled "Remove in 4.0" (Remove All API's that are labeled "Remove in 4.0" #362)
• 8205bc9 chore(package): Upgrade mocha from 7.1.2 to 8.2.0 ([Snyk] Security upgrade mocha from 7.1.2 to 8.2.0 #354)
• 765b81c chore: tag v3.2.0 as release-v3.2.0 for release-please (chore: tag v3.2.0 as release-v3.2.0 for release-please #353)
• c4afacb chore(ci,releases): bump release-please-action to 2.5.5 (chore(ci,releases): bump release-please-action to 2.5.5 #350)
• f6be285 fix: extend Node.js IncomingHttpHeaders in our Headers type (fix: extend Node.js IncomingHttpHeaders in our Headers type #346)
• 1446898 fix: do not alter an event's data attribute (fix: do not alter an event's data attribute #344)
• 138de37 docs: update README with latest API changes (docs: update README with latest API changes #347)
• 76688c4 chore: update release please to the latest release(2.4.1) (chore: update release please to the latest release(2.4.1) #345)
• e334b6e feat: add emitterFactory and friends (feat: add emitterFactory and friends #342)
• a9114b7 chore: add an automated GH action for releases (chore: add an automated GH action for releases #329)
• eca43d9 fix: package.json & package-lock.json to reduce vulnerabilities ([Snyk] Fix for 2 vulnerabilities #338)
• 0a12146 docs: update README with maintainer names (docs: update README with maintainer names #337)
• 1fa3a05 feat: add a constructor parameter for loose validation (feat: add a constructor parameter for loose validation #328)
• 7423acb fix: upgrade cloudevents from 3.0.1 to 3.1.0 (fix: upgrade cloudevents from 3.0.1 to 3.1.0 #335)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic