pfefferf / ui5-nwabap-deployer

UI5 Deployer for SAP NetWeaver ABAP
Apache License 2.0
55 stars 18 forks

dependency axios is vulnerable #63

Closed treee111 closed 1 month ago

treee111 commented 1 month ago

As documented here, axios has a vulnerability in versions <0.28.0. As there is no version 0.28.0, version 1.0.0 is needed in my opinion.

Is there a reason, i.e. breaking change that blocks from updating the axios dependency? If not, it would be nice if we could update the dependency to a non-vulnerable version.

For reference, this is the last update of axios:
https://github.com/pfefferf/ui5-nwabap-deployer/commit/6fcdfa49822683e14060f49a20745da90afa37bf

treee111 commented 1 month ago

Thanks a lot for the fast update of the axios libraries @pfefferf! 👍 👍 👍

mhuber9 commented 1 month ago

Since today we have this error.

Error Message: require() of ES Module /home/ec2-user/workspace/pipeline_ui5/node_modules/retry-axios/build/src/index.js from /home/ec2-user/workspace/pipeline_ui5/node_modules/ui5-nwabap-deployer-core/lib/AdtClient.js not supported. Instead change the require of index.js in /home/ec2-user/workspace/pipeline_ui5/node_modules/ui5-nwabap-deployer-core/lib/AdtClient.js to a dynamic import() which is available in all CommonJS modules.

We believe it is due to the new version. @treee111 do you have any problems?

treee111 commented 1 month ago

Hi @mhuber9, you are right - I just tested it now. I have the same error. So that might have been introduced with setting the dependency higher. I'll have a look into it and try to understand ;-)

treee111 commented 1 month ago

I found a solution which works for me locally, see PR #65.

pfefferf commented 1 month ago

Thx. Fix is available with ui5-nwabap-deployer-core@2.2.5.