Security issue with axios #168
Assignees
Labels
source-plugin
Marking issues related to @kentico/gatsby-source-kontent.
Comments
|
Not in a desperate hurry, as we're currently using npm-force-resolutions to update the dependency, but it would be nice not to have to hack it. What's the timeframe for releasing the fix to 58? |
|
My guess is around a week. |
Simply007
added
the
source-plugin
This was referenced Feb 10, 2021
Merged
|
version 6.3.1 should contain the fix @jamesots. Unfortunately, the priorities have changed, so language codenames are still required in the gatsby config. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The gatsby-source-kontent package has a dependency on axios v 0.19.2, which has a security advisory open against it: https://npmjs.com/advisories/1594. It would be great if the dependency could be updated to at least v0.21.1, so that this security issue is fixed.
The text was updated successfully, but these errors were encountered: