search

hungdev / react-native-instagram-login

a react native instagram login component (support android & ios). Pull requests are welcome!
https://www.npmjs.com/package/react-native-instagram-login
184 stars 103 forks source link

Could you update axios so it is no longer a critical vulnerability #110

Open rililive opened 2 years ago

rililive commented 2 years ago

Axios could probably be a peer dependency instead. Npm audit marks it as a critical dependency. It should be easy to update.

Also it would be better as a peer dependency because the axios export is a singleton. Setting defaults can get out of wack when you have multiple versions of axios

hungdev commented 2 years ago

@rililive feel free to create a pull request

rililive commented 2 years ago

@hungdev Hi, I have created a branch, but I don't have permissions to push to this repo.

Example changes

"dependencies": {
    "qs": "6.9.4"
},
"peerDependencies": {
    "react-native-webview": "^11.18.2",
    "axios": "^0.27.2"
}
hungdev commented 2 years ago

You can fork it and create a new pull request to my repo.

rililive commented 2 years ago

Ok, PR here https://github.com/hungdev/react-native-instagram-login/pull/112

rililive commented 2 years ago

Please merge publish when you have time. Are there other collaborators with write/publish permissions who have more availability?

I have an extensive background in js/ts, so I'd be happy to help.