anselmdk
commented
11 months ago @jemgold it would be amazing to have this merged and released. Is there any way we could help?
Closed gaurav-bhardwaj-ind closed 11 months ago
anselmdk
commented
11 months ago @jemgold it would be amazing to have this merged and released. Is there any way we could help?
jemgold
commented
11 months ago @anselmdk sorry! I don't watch this repo anymore - can we add more maintainers?
anselmdk
commented
11 months ago @jemgold thanks for merging! I guess we need a new minor release. I'm happy to help out as a maintainer. Ping me on anse@danskebank.dk and we'll figure out the specifics.
What kind of change does this PR introduce? (Bug fix, feature, docs update, ...) Upgrading Axios from version 0.21.1 to 1.6.0
What is the current behavior? (You can also link to an open issue here) There is a vulnerability of axios 0.21.1 package
├─ axios │ ├─ ID: 1094889 │ ├─ Issue: Axios Cross-Site Request Forgery Vulnerability │ ├─ URL: https://github.com/advisories/GHSA-wf5p-g6vw-rhxx │ ├─ Severity: moderate │ ├─ Vulnerable Versions: >=0.8.1 <1.6.0 │ │ │ ├─ Tree Versions │ │ └─ 0.21.4 │ │ │ └─ Dependents │ └─ figma-js@npm:1.16.0
What is the new behavior (if this is a feature change)? This will get rid of the axios vulnerability
Other information: