Update axios to 1.x #859

edi9999 · 2023-11-21T11:49:46Z

When running npm audit, we get following error :

axios  0.8.1 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via `npm audit fix --force`
Will install selenium-standalone@9.0.5, which is a breaking change
node_modules/selenium-standalone/node_modules/axios
  selenium-standalone  >=9.0.6
  Depends on vulnerable versions of axios
  node_modules/selenium-standalone

2 moderate severity vulnerabilities

Upgrading axios to 1.x in selenium-standalone would fix this issue.

The text was updated successfully, but these errors were encountered:

christian-bromann · 2023-12-13T20:28:37Z

@edi9999 mind raising a PR for it?

update deps fix #859

tuortheblessed · 2024-01-22T19:39:26Z

@christian-bromann Getting this as well and its blocking our pipelines. Looks like this was never released, any chance we could get that released asap?

tuortheblessed · 2024-01-23T16:37:17Z

@udarrr Or maybe you can help here?

christian-bromann added the help wanted label Dec 13, 2023

udarrr closed this as completed in b55e398 Jan 13, 2024

udarrr added a commit that referenced this issue Jan 13, 2024

Merge pull request #864 from harsha509/main

328bcca

update deps fix #859

tuortheblessed mentioned this issue Jan 24, 2024

Axios vulnerability fixed and merged but not released in new version #869

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update axios to 1.x #859

Update axios to 1.x #859

edi9999 commented Nov 21, 2023

christian-bromann commented Dec 13, 2023

tuortheblessed commented Jan 22, 2024

tuortheblessed commented Jan 23, 2024

Update axios to 1.x #859

Update axios to 1.x #859

Comments

edi9999 commented Nov 21, 2023

christian-bromann commented Dec 13, 2023

tuortheblessed commented Jan 22, 2024

tuortheblessed commented Jan 23, 2024