search

TeselaGen / tg-oss

Teselagen Open Source modules
https://teselagen.github.io/tg-oss/
MIT License
39 stars 18 forks source link

Upgrade Axios dependency #48

Closed NicolasCARPi closed 10 months ago

NicolasCARPi commented 10 months ago

Hello @tnrich :wave:

There is a security issue with the Axios dependency: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx

It would be great if you could update to the latest version (going from 0.x to 1.x).

Given the very light usage of axios in this project, it shouldn't cause any issue (famous last words... :smile: ).

Also, your code isn't affected by this security issue, so this is more about getting the latest bugfixes from the library, and as a bonus, the CVE alert disappears and I can build my images peacefully. :)

Cheers, ~Nico

tnrich commented 10 months ago

Hey @NicolasCARPi I've simply removed the axios dependency from our repo so shouldn't need to worry about this one anymore. Cheers!

NicolasCARPi commented 10 months ago

Love that attitude! ;)