Skip to content

Upgrade Axios #356

New issue
New issue
Open
Open
Upgrade Axios#356
@karlwilbur

Description

@karlwilbur
karlwilbur
opened on Feb 10, 2021

Currently axios is required at ^0.18.0.

gulp-reporter/package.json

Line 9 in 80560d8

"axios": "^0.18.0",

However, there is a current high-severity advisory for axios:

┌───────────────┬──────────────────────────────────────────────────────────────┐
│ high          │ Server-Side Request Forgery                                  │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ axios                                                        │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=0.21.1                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ eclint                                                       │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ eclint > gulp-reporter > axios                               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://www.npmjs.com/advisories/1594                        │
└───────────────┴──────────────────────────────────────────────────────────────┘

Please update the axios dependency to >=0.21.1 (or more specifically, ^0.21.1).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions