From c28d1cc23d829d371365d0532afb85a920f8e191 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 14 Aug 2024 18:23:05 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-7361793 --- package-lock.json | 9 +++++---- package.json | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7ea612065..28b6449a5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7,7 +7,7 @@ "name": "snyk-broker", "license": "Apache-2.0", "dependencies": { - "axios": "1.6.8", + "axios": "^1.7.4", "axios-retry": "^3.9.1", "body-parser": "^1.19.0", "bunyan": "^1.8.12", @@ -2544,9 +2544,10 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.6.8", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.8.tgz", - "integrity": "sha512-v/ZHtJDU39mDpyBoFVkETcd/uNdxrWRrg3bKpOKzXFA6Bvqopts6ALSMU3y6ijYxbw2B+wPrIv46egTzJXCLGQ==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", + "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", diff --git a/package.json b/package.json index 194793712..f6a4808ed 100644 --- a/package.json +++ b/package.json @@ -59,7 +59,7 @@ "typescript": "^4.9.3" }, "dependencies": { - "axios": "1.6.8", + "axios": "1.7.4", "axios-retry": "^3.9.1", "body-parser": "^1.19.0", "bunyan": "^1.8.12",