From 2129be91a833bfacf2ca435c37b56f97a2ed1970 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 16 Jan 2024 19:40:08 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6144788 --- package-lock.json | 24 +++++++++++++++--------- package.json | 2 +- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index dc7ff78..ce20023 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "@stoplight/spectral-core": "^1.12.3", "@stoplight/spectral-ruleset-bundler": "^1.3.0", "@stoplight/spectral-runtime": "^1.1.2", - "axios": "^0.27.2", + "axios": "^1.6.4", "chalk": "^4.1.2", "tmp": "^0.2.1", "yargs": "^17.5.1" @@ -1646,12 +1646,13 @@ } }, "node_modules/axios": { - "version": "0.27.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "version": "1.6.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.4.tgz", + "integrity": "sha512-heJnIs6N4aa1eSthhN9M5ioILu8Wi8vmQW9iHQ9NUvfkJb0lEEDUiIdQNAuBtfUt3FxReaKdpQA5DbmMOqzF/A==", "dependencies": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" + "follow-redirects": "^1.15.4", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/babel-jest": { @@ -2358,9 +2359,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", + "version": "1.15.5", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.5.tgz", + "integrity": "sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw==", "funding": [ { "type": "individual", @@ -4190,6 +4191,11 @@ "node": ">= 6" } }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/punycode": { "version": "2.2.0", "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.2.0.tgz", diff --git a/package.json b/package.json index 7fae8e1..fab46ad 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ "@stoplight/spectral-core": "^1.12.3", "@stoplight/spectral-ruleset-bundler": "^1.3.0", "@stoplight/spectral-runtime": "^1.1.2", - "axios": "^0.27.2", + "axios": "^1.6.4", "chalk": "^4.1.2", "tmp": "^0.2.1", "yargs": "^17.5.1"