From 8771c9bc93ff0576df3925cf7255a802c8e83ec4 Mon Sep 17 00:00:00 2001 From: mm-prodsec-bot Date: Thu, 22 Aug 2024 17:16:00 +0300 Subject: [PATCH] fix: e2e/package.json & e2e/package-lock.json to reduce vulnerabilities (#3123) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-7361793 Co-authored-by: snyk-bot --- e2e/package-lock.json | 11 ++++++----- e2e/package.json | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/e2e/package-lock.json b/e2e/package-lock.json index 958dd1b5..3b48d15d 100644 --- a/e2e/package-lock.json +++ b/e2e/package-lock.json @@ -13,7 +13,7 @@ "@aws-sdk/client-s3": "3.529.0", "@aws-sdk/lib-storage": "3.445.0", "@electron/rebuild": "3.6.0", - "axios": "1.6.7", + "axios": "^1.7.4", "chai": "4.3.6", "electron-mocha": "12.2.0", "fast-xml-parser": "^4.4.1", @@ -1862,11 +1862,12 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.6.7", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.7.tgz", - "integrity": "sha512-/hDJGff6/c7u0hDkvkGxR/oy6CbCs8ziCsC7SqmhjfozqiJGc8Z11wrv9z9lYfY4K8l+H9TpjcMDX0xOZmx+RA==", + "version": "1.7.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz", + "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==", + "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.4", + "follow-redirects": "^1.15.6", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } diff --git a/e2e/package.json b/e2e/package.json index 04460889..502ba9c7 100644 --- a/e2e/package.json +++ b/e2e/package.json @@ -27,7 +27,7 @@ "@aws-sdk/client-s3": "3.529.0", "@aws-sdk/lib-storage": "3.445.0", "@electron/rebuild": "3.6.0", - "axios": "1.6.7", + "axios": "1.7.4", "chai": "4.3.6", "electron-mocha": "12.2.0", "fast-xml-parser": "^4.4.1",