Axios security issues #463
Comments
|
You are absolutely right, we should be updating dependencies to their latest while minimizing or ensuring we don't introduce breaking changes. |
Closed
|
@charpeni I've created a PR to update axios, could it be that a token is missing to run CI? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Do you want to request a feature or report a bug?
A very old version of axios is being used and there have been recent reports of vulnerabilities and also fixed.
I wanted to ask what's the feeling on upgrading axios to v1.x at this point.
At the moment the requirement is version 0.24.0, and latest version is 1.6.2
axios/axios#6006
What is the current behavior?
No functional changes
If the current behavior is a bug, please provide the steps to reproduce.
Just check the vulnerabilities reports
What is the expected behavior?
Keep up to date with security fixes for the axios package
If this is a feature request, what is motivation or use case for changing the behavior?
Please mention other relevant information such as the browser version, Node.js version, bundlewatch version, and Operating System.
The text was updated successfully, but these errors were encountered: