Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Axios #308

Merged
merged 1 commit into from Jun 11, 2019
Merged

Update Axios #308

merged 1 commit into from Jun 11, 2019

Conversation

cavanmflynn
Copy link
Contributor

This PR updates axios to 0.19.0, which contains a fix for the DoS vulnerability and resolves #268.

@tylerlevine
Copy link

@morleyzhi could this please get merged and released soon? We are now getting audit failures in our CI pipeline due to this issue.

Akuukis
Akuukis approved these changes Jun 5, 2019
View reviewed changes
Copy link
Contributor

@Akuukis Akuukis left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

According to #268, this is in lines with @morleyzhi decision to wait for fix in axios.

@tylerlevine
Copy link

To others coming here for a fix: The audit failures are fixable by updating the package-lock.json in downstream projects via npm audit fix.

@morleyzhi morleyzhi merged commit 5812075 into stellar:master Jun 11, 2019
@cavanmflynn cavanmflynn deleted the fix-axios-vuln branch June 11, 2019 16:05
lhtdeepaktomar pushed a commit to lhtdeepaktomar/js-stellar-sdk that referenced this pull request Jun 11, 2021
@dependabot
Bump rake from 12.3.2 to 12.3.3 (stellar#308)
d989f57 
Bumps [rake](https://github.com/ruby/rake) from 12.3.2 to 12.3.3.
- [Release notes](https://github.com/ruby/rake/releases)
- [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc)
- [Commits](ruby/rake@v12.3.2...v12.3.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@morleyzhi morleyzhi morleyzhi approved these changes

@Akuukis Akuukis Akuukis approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

DoS in Axios
4 participants
@cavanmflynn @tylerlevine @morleyzhi @Akuukis