Closed up-up-and-away[bot] closed 11 months ago
We ran uuaw --audit and it resulted in a clean yarn audit.
uuaw --audit
Attempting to fix advisory: GHSA-wf5p-g6vw-rhxx - Axios Cross-Site Request Forgery Vulnerability Scanning dependency chain: @continuous-auth/semantic-release-npm --> @continuous-auth/client --> axios [1/4] Trying from: axios@^0.27.2 Resolving: axios@^0.27.2 --> 0.27.2 [1/4] Chain results in vulnerable version: axios@0.27.2 [2/4] Trying from: @continuous-auth/client@^2.2.2 Resolving: @continuous-auth/client@^2.2.2 --> 2.2.3 Resolving: axios@^1.6.2 --> 1.6.2 [2/4] Updating chain to latest starting at: @continuous-auth/client@^2.2.2 results in a patched version: axios@1.6.2 [2/4] Running yarn install now Audit is clean, looking good cap'n
:tada: This PR is included in version 3.52.0 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
We ran
uuaw --audit
and it resulted in a clean yarn audit.