Please upgrade apisauce to fix npm audit on axios version

infinitered / gluegun

A delightful toolkit for building TypeScript-powered command-line apps.

MIT License

2.95k stars 147 forks source link

Please upgrade apisauce to fix npm audit on axios version #732

Closed blake-mealey closed 3 years ago

blake-mealey commented 3 years ago

gluegun currently depends on apisauce ^1.0.1 which depends on a version of axios with the high severity vulnerability https://www.npmjs.com/advisories/1594. The latest version of apisauce depends on a version of axios without this vulnerability.

We would appreciate upgrading the dependency so that our npm audit scans do not give us these errors.

infinitered-circleci commented 3 years ago

:tada: This issue has been resolved in version 4.6.1 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: