From 9a7084ade01f2790012c1d938998a9375703022f Mon Sep 17 00:00:00 2001 From: Will McVay Date: Tue, 7 Nov 2023 07:32:22 +0000 Subject: [PATCH] [Snyk] Security upgrade axios from 0.27.2 to 1.6.0 (#10046) * fix: packages/connect-session/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6032459 * chore: updated axios for connect session --------- Co-authored-by: snyk-bot Co-authored-by: Ashleigh Simonelli --- packages/connect-session/package.json | 2 +- yarn.lock | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/connect-session/package.json b/packages/connect-session/package.json index eebbf0221d..afaf21f228 100644 --- a/packages/connect-session/package.json +++ b/packages/connect-session/package.json @@ -37,7 +37,7 @@ "commit": "yarn test --coverage --no-cache --silent --forceExit --detectOpenHandles --runInBand --watch=false && jest-coverage-badges --input src/tests/coverage/coverage-summary.json --output src/tests/badges && yarn lint --fix && yarn check" }, "dependencies": { - "axios": "^0.27.2", + "axios": "^1.6.0", "base-64": "^1.0.0", "idtoken-verifier": "^2.2.3", "isomorphic-fetch": "^3.0.0", diff --git a/yarn.lock b/yarn.lock index 8e0125babd..b2823244d2 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11554,7 +11554,7 @@ __metadata: "@types/base-64": "npm:^1.0.0" "@typescript-eslint/eslint-plugin": "npm:^5.59.7" "@typescript-eslint/parser": "npm:^5.59.7" - axios: "npm:^0.27.2" + axios: "npm:^1.6.0" babel-jest: "npm:^29.5.0" base-64: "npm:^1.0.0" concurrently: "npm:^6.5.1"