chore: Security upgrade mailparser from 2.8.1 to 3.6.7

[svcprodsec-sendgrid]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/inbound-mail-parser/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-NODEMAILER-6219989	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: mailparser

The new version differs by 47 commits.

• 6adad57 chore(master): release 3.6.7 [skip-ci] (Substitution not working or sending custom data  #358)
• 8bc4225 fix: ⬆️ update nodemailer dependency to resolve security issue GHSA-9h6g-pr28-7cqp (Improving test readability #357)
• 3f8a516 chore(master): release 3.6.6 [skip-ci] (fix: Make various TypeScript request components optional #354)
• 6bae600 fix: Fix produced text address list string according to rfc 2822 (typescript: error TS2305: '.../node_modules/sendgrid/index' has no exported member 'SendGrid' #340)
• a2ba9c2 fix(test): updated test matrix (18, 20, 21)
• 7d78cb9 removed node v16 from test matrix
• d6eb56f fix(deploy): added auto-deployment
• 92b73a2 v3.6.5
• 5070a32 Replaces optional chaining
• 80ba89e Fixes sendgrid.send gives {"code":"EPROTO","errno":"EPROTO","syscall":"write"} #346
• ac11f78 v3.6.4
• 38b7df2 Merge branch 'jonny64-v3.4.0_hang'
• a645760 Do not repeat processing invalidly encoded address
• ad0c383 Merge branch 'v3.4.0_hang' of github.com:jonny64/mailparser into jonny64-v3.4.0_hang
• 694416e add test Error message when trying to send transactional email #337
• dd33c76 remove redundant content type check
• b1d6a25 v3.6.3
• b1f0775 v3.6.2
• 7bef1fc v3.6.1
• 22ad3c6 Update package.json
• beffb6e Updated test workflow
• 3778c7c v3.6.0
• dfdbe6f chore: bump libmime from 5.1.0 to 5.2.0
• b6bba6e v3.5.0

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

[R-Oakley]

To whomever may review this or even @svcprodsec-sendgrid,

There is also a vulnerability in the /packages/client around an axios dependancy and needs the axios version bumped as well if its possible to get that taken care of as well