Update axios in botbuilder-core from 0.28 to 1.6.4 #4655
Labels
feature-request
A request for new functionality or an enhancement to an existing one.
needs-triage
The issue has just been created and it has not been reviewed by the team.
Comments
mehradrafigh
added
feature-request
|
@tracyboehrer, I can contribute from my end. Looking through the Contributing section.md I need somebody to approve the issue so I can start the implementation. Do you see any problem with that? Axios 0.28 is pretty outdated, has security issues, and should not be used anymore because there is Axios 1.6.4 |
|
@mehradrafigh Of course we'd welcome the contribution. When you submit the PR, it will require you to accept, and I'll approve it the request. |
|
Hi @tracyboehrer I forked the repository, installed yarn and tried to run I get the following error ➜ yarn install
yarn install v1.22.22
[1/4] 🔍 Resolving packages...
warning Lockfile has incorrect entry for "@types/jsonwebtoken@8.3.5". Ignoring it.
warning Resolution field "axios@0.28.0" is incompatible with requested version "axios@^1.6.8"
warning Resolution field "async@3.2.3" is incompatible with requested version "async@^2.6.1"
warning Resolution field "axios@0.28.0" is incompatible with requested version "axios@~0.21.1"
warning Resolution field "async@3.2.3" is incompatible with requested version "async@^1.4.0"
warning Resolution field "tar@6.1.9" is incompatible with requested version "tar@6.0.2"
warning Resolution field "tar@6.1.9" is incompatible with requested version "tar@^6.1.11"
warning Resolution field "ws@7.4.6" is incompatible with requested version "ws@^8.2.3"
warning Resolution field "ws@7.4.6" is incompatible with requested version "ws@>=8.7.0"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "axios@0.28.0" is incompatible with requested version "axios@^1.4.0"
warning Resolution field "mixme@0.5.2" is incompatible with requested version "mixme@^0.3.1"
warning Resolution field "json-schema@0.4.0" is incompatible with requested version "json-schema@0.2.3"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
warning Resolution field "@types/ramda@0.26.0" is incompatible with requested version "@types/ramda@~0.29.6"
[2/4] 🚚 Fetching packages...
error @microsoft/orchestrator-core@4.14.4: The CPU architecture "arm64" is incompatible with this module.
error Found incompatible moduleI am on a Silicon Apple Macbook Pro and don't have Windows anywhere. How can I still contribute? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
The version of axios that is used in botbuilder-core is 0.28 and contains security vulnerabilities
https://security.snyk.io/package/npm/axios/0.28.0
Describe the solution you'd like
Update to version 1.6.4 to fix those security vulnerabilities
The text was updated successfully, but these errors were encountered: