From 88671ac4dfd2987af708fad0460ad0fff61cc8d6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 19 Aug 2024 16:55:01 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-7361793 --- package-lock.json | 10 +++++----- package.json | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index e3660ab..689080a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -14,7 +14,7 @@ "@types/dotenv": "^8.2.0", "@types/mongoose": "^5.11.97", "auth0": "^4.0.0", - "axios": "^1.6.3", + "axios": "^1.7.4", "dotenv": "^16.0.0", "express": "^4.19.2", "express-oauth2-jwt-bearer": "^1.1.0", @@ -5589,12 +5589,12 @@ "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==" }, "node_modules/axios": { - "version": "1.6.3", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", - "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } diff --git a/package.json b/package.json index 3ebc3d2..0699b0c 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "@types/dotenv": "^8.2.0", "@types/mongoose": "^5.11.97", "auth0": "^4.0.0", - "axios": "^1.6.3", + "axios": "^1.7.4", "dotenv": "^16.0.0", "express": "^4.19.2", "express-oauth2-jwt-bearer": "^1.1.0",