-
Notifications
You must be signed in to change notification settings - Fork 169
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix CVE-2023-45857 npm vulnerability found in audit #3279
Conversation
d0d58df
to
a4942d1
Compare
#3282 Dependabot's PR here updates the package.json coordinates for Axios to bump the minimum allowed version to 1.6.0. I think that change should be included in this PR as well (Dependabot's PR won't work for us since it doesn't update our built assets). |
cdc76da
a4942d1
to
cdc76da
Compare
Thanks, I updated |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thank you!
Which issue this PR addresses:
GHSA-wf5p-g6vw-rhxx
Fixes
What this PR does / why we need it:
npm
audit reported vulnerability CVE-2023-45857 in our Axios version.Test plan for issue:
Unit tests
E2E tests
Is there any documentation that needs to be updated for this PR?
No