From 596f7e9b1d3660a625e1181d6a29f154db06b0da Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 26 Nov 2024 12:50:17 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6671926 --- package-lock.json | 9 +++++---- package.json | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7a6af44cc..cbadef9ab 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,7 +20,7 @@ "@opentelemetry/sdk-node": "^0.52.0", "@typescript-eslint/eslint-plugin": "^7.18.0", "@typescript-eslint/parser": "^7.18.0", - "axios": "^1.7.4", + "axios": "^1.7.8", "babel-plugin-macros": "^3.1.0", "cachified": "^3.5.4", "cross-env": "^7.0.3", @@ -4365,9 +4365,10 @@ } }, "node_modules/axios": { - "version": "1.7.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", - "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", + "version": "1.7.8", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.8.tgz", + "integrity": "sha512-Uu0wb7KNqK2t5K+YQyVCLM76prD5sRFjKHbJYCP1J7JFGEQ6nN7HWn9+04LAeiJ3ji54lgS/gZCH1oxyrf1SPw==", + "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", diff --git a/package.json b/package.json index 2eb99bc14..6a756dec3 100644 --- a/package.json +++ b/package.json @@ -35,7 +35,7 @@ "@opentelemetry/sdk-node": "^0.52.0", "@typescript-eslint/eslint-plugin": "^7.18.0", "@typescript-eslint/parser": "^7.18.0", - "axios": "^1.7.4", + "axios": "^1.7.8", "babel-plugin-macros": "^3.1.0", "cachified": "^3.5.4", "cross-env": "^7.0.3",