It would be great if you could update to the latest version (going from 0.x to 1.x).
Given the very light usage of axios in this project, it shouldn't cause any issue (famous last words... :smile: ).
Also, your code isn't affected by this security issue, so this is more about getting the latest bugfixes from the library, and as a bonus, the CVE alert disappears and I can build my images peacefully. :)
Hello @tnrich :wave:
There is a security issue with the Axios dependency: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
It would be great if you could update to the latest version (going from 0.x to 1.x).
Given the very light usage of
axios
in this project, it shouldn't cause any issue (famous last words... :smile: ).Also, your code isn't affected by this security issue, so this is more about getting the latest bugfixes from the library, and as a bonus, the CVE alert disappears and I can build my images peacefully. :)
Cheers, ~Nico