react-axios icon indicating copy to clipboard operation
react-axios copied to clipboard

Published 20 hours ago verified publisher icon sheaivey

Bump axios to ^1.6.7

Open razvanphp opened this issue 1 year ago • 0 comments

This library depends on a very old version of axios that is vulnerable, see npm audit output:

# npm audit report

axios  0.8.1 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
No fix available
node_modules/axios
  react-axios  *
  Depends on vulnerable versions of axios
  node_modules/react-axios

2 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Can we bump the version and tag the release please?

Thank you! R

razvanphp avatar Feb 16 '24 05:02 razvanphp