search

farahat80 / react-open-weather

React open weather is a React Component loading forecast data from Various weather providers (currently OpenWeather, WeatherBit and VisualCrossing)
MIT License
112 stars 64 forks source link

Axios XSRF Vulnerability #117

Closed qquentinv closed 3 months ago

qquentinv commented 7 months ago

Fix #116

SheldonWBM commented 3 months ago

The latest version of Axios, currently 1.7.2, is compatible and has no issues.
By adding to package.json:

  "resolutions": {
    "axios": "^1.7.2"
  },

I have force-bumped the version of Axios. Hopefully, this component is still maintained.

qquentinv commented 3 months ago

Thanks for this temporary solution, I hope so too.