[Snyk] Upgrade ioredis from 4.19.4 to 4.28.5

[rattus69]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade ioredis from 4.19.4 to 4.28.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 32 versions ahead of your current version.

• The recommended version was released on 2 years ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-IOREDIS-1567196	531	Proof of Concept

Release notes

Package name: ioredis

• 4.28.5 - 2022-02-06
  

  4.28.5 (2022-02-06)

  Bug Fixes

  • Reset loaded script hashes to force a reload of scripts after reconnect of redis (#1497) (f357a31)
• 4.28.4 - 2022-02-02
  

  4.28.4 (2022-02-02)

  Bug Fixes

  • make sure timers is cleared on exit (#1502) (cfb04a0)
• 4.28.3 - 2022-01-11
  

  4.28.3 (2022-01-11)

  Bug Fixes

  • fix exceptions on messages of client side cache (#1479) (02adca4)
• 4.28.2 - 2021-12-01
  

  4.28.2 (2021-12-01)

  Bug Fixes

  • add Redis campaign (#1475) (3f3d8e9)
  • fix a memory leak with autopipelining. (#1470) (f5d8b73)
  • unhandled Promise rejections in pipeline.exec [skip ci] (#1466) (e5615da)
• 4.28.1 - 2021-11-23
  

  4.28.1 (2021-11-23)

  Bug Fixes

  • handle possible unhandled promise rejection with autopipelining+cluster (#1467) (6ad285a), closes #1466
• 4.28.0 - 2021-10-13
  

  4.28.0 (2021-10-13)

  Features

  • tls: add TLS profiles for easier configuration (#1441) (4680211)
• 4.27.11 - 2021-10-11
  

  4.27.11 (2021-10-11)

  Bug Fixes

  • make export interface compatible with jest (#1445) (2728dbe)
• 4.27.10 - 2021-10-04
  

  4.27.10 (2021-10-04)

  Bug Fixes

  • cluster: lazyConnect with pipeline (#1408) (b798107)
• 4.27.9 - 2021-08-30
  

  4.27.9 (2021-08-30)

  Bug Fixes

  • Fix undefined property warning in executeAutoPipeline (#1425) (f898672)
  • improve proto checking for hgetall [skip ci] (#1418) (cba83cb)
• 4.27.8 - 2021-08-18
  

  4.27.8 (2021-08-18)

  Bug Fixes

  • handle malicious keys for hgetall (#1416) (7d73b9d), closes #1267
• 4.27.7 - 2021-08-01
• 4.27.6 - 2021-06-13
• 4.27.5 - 2021-06-05
• 4.27.4 - 2021-06-04
• 4.27.3 - 2021-05-22
• 4.27.2 - 2021-05-04
• 4.27.1 - 2021-04-24
• 4.27.0 - 2021-04-24
• 4.26.0 - 2021-04-08
• 4.25.0 - 2021-04-02
• 4.24.6 - 2021-03-31
• 4.24.5 - 2021-03-27
• 4.24.4 - 2021-03-24
• 4.24.3 - 2021-03-21
• 4.24.2 - 2021-03-14
• 4.24.1 - 2021-03-14
• 4.24.0 - 2021-03-14
• 4.23.1 - 2021-03-14
• 4.23.0 - 2021-02-25
• 4.22.0 - 2021-02-06
• 4.21.0 - 2021-02-06
• 4.20.0 - 2021-02-05
• 4.19.4 - 2020-12-13

from ioredis GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs