search

coupergateway / couper

Couper is a lightweight API gateway designed to support developers in building and operating API-driven Web projects
https://couper.io
MIT License
84 stars 15 forks source link

upgrade dependencies for npm package #817

Closed kevinsandow closed 5 months ago

kevinsandow commented 5 months ago

Axios was out of date and had a security vulnerability:

axios  0.8.1 - 0.27.2
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
No fix available
node_modules/couper/node_modules/axios
  couper  *
  Depends on vulnerable versions of axios
  node_modules/couper

See https://github.com/advisories/GHSA-wf5p-g6vw-rhxx for more details

Reviewer checklist
  • Read PR description: a summary about the changes is required
  • Changelog updated
  • Documentation: docs/{Reference, Cli, ...}, Docker and cli help/usage
  • Pulled branch, manually tested
  • Verified requirements are met
  • Reviewed the code
  • Reviewed the related tests