From 80a0be89d5c388f91a2fe721d391170bcaeaac6d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 5 Jan 2024 18:06:36 +0000 Subject: [PATCH] fix: feeder/package.json & feeder/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6144788 --- feeder/package-lock.json | 23 +++++++++++++++-------- feeder/package.json | 2 +- 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/feeder/package-lock.json b/feeder/package-lock.json index 4be9691..5f72cd3 100644 --- a/feeder/package-lock.json +++ b/feeder/package-lock.json @@ -11,7 +11,7 @@ "dependencies": { "@terra-money/terra.js": "^3.1.7", "argparse": "^1.0.10", - "axios": "^0.21.3", + "axios": "^1.6.4", "bignumber.js": "^9.0.1", "bluebird": "^3.7.2", "crypto-js": "^4.1.1", @@ -266,11 +266,13 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "0.21.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.4.tgz", - "integrity": "sha512-ut5vewkiu8jjGBdqpM44XxjuCjq9LAKeHVmoVfHVzy8eHgxxq8SbAVQNovDA8mVi05kP0Ea/n/UzcSHcTJQfNg==", + "version": "1.6.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.4.tgz", + "integrity": "sha512-heJnIs6N4aa1eSthhN9M5ioILu8Wi8vmQW9iHQ9NUvfkJb0lEEDUiIdQNAuBtfUt3FxReaKdpQA5DbmMOqzF/A==", "dependencies": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.15.4", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/balanced-match": { @@ -508,9 +510,9 @@ "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==" }, "node_modules/follow-redirects": { - "version": "1.15.3", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.3.tgz", - "integrity": "sha512-1VzOtuEM8pC9SFU1E+8KfTjZyMztRsgEfwQl44z8A25uy13jSzTj6dyK2Df52iV0vgHCfBwLhDWevLn95w5v6Q==", + "version": "1.15.4", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz", + "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==", "funding": [ { "type": "individual", @@ -756,6 +758,11 @@ "pbts": "bin/pbts" } }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/read": { "version": "1.0.7", "resolved": "https://registry.npmjs.org/read/-/read-1.0.7.tgz", diff --git a/feeder/package.json b/feeder/package.json index 65c17c4..154d590 100644 --- a/feeder/package.json +++ b/feeder/package.json @@ -9,7 +9,7 @@ "dependencies": { "@terra-money/terra.js": "^3.1.7", "argparse": "^1.0.10", - "axios": "^0.21.3", + "axios": "^1.6.4", "bignumber.js": "^9.0.1", "bluebird": "^3.7.2", "crypto-js": "^4.1.1",