Skip to content

Commit

Permalink
refactor(dependencies): axios to 1.7.4 (#2861)
Browse files Browse the repository at this point in the history
Our builds are failing due to Trivy scanner. Trivy scanner actually found that our Axios version
v1.6.8 has a vulnerability - CVE-2024-39338. This was fixed in version 1.7.4, hence, the upgrade.

fix #2860
  • Loading branch information
golobitch authored Aug 15, 2024
1 parent 7a28fd1 commit a2c44a5
Show file tree
Hide file tree
Showing 5 changed files with 27 additions and 17 deletions.
2 changes: 1 addition & 1 deletion packages/auth/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@
"@koa/cors": "^5.0.0",
"@koa/router": "^12.0.0",
"ajv": "^8.12.0",
"axios": "^1.6.8",
"axios": "^1.7.4",
"dotenv": "^16.4.5",
"graphql": "^16.8.1",
"ioredis": "^5.3.2",
Expand Down
2 changes: 1 addition & 1 deletion packages/backend/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@
"@opentelemetry/sdk-node": "^0.52.1",
"@opentelemetry/sdk-trace-node": "^1.25.1",
"ajv": "^8.12.0",
"axios": "1.6.8",
"axios": "1.7.4",
"base64url": "^3.0.1",
"dotenv": "^16.4.5",
"extensible-error": "^1.0.2",
Expand Down
2 changes: 1 addition & 1 deletion packages/frontend/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"@remix-run/node": "^2.6.0",
"@remix-run/react": "^2.6.0",
"@remix-run/serve": "^2.6.0",
"axios": "^1.6.5",
"axios": "^1.7.4",
"class-variance-authority": "^0.7.0",
"graphql": "^16.8.1",
"ilp-packet": "3.1.4-alpha.2",
Expand Down
2 changes: 1 addition & 1 deletion packages/token-introspection/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
"dependencies": {
"@interledger/open-payments": "6.11.1",
"@interledger/openapi": "2.0.1",
"axios": "^1.6.8",
"axios": "^1.7.4",
"pino": "^8.19.0"
}
}
36 changes: 23 additions & 13 deletions pnpm-lock.yaml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit a2c44a5

Please sign in to comment.