From 89711c2d9e13beb718ec0c4ebf03d6be1eab7129 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 9 Mar 2025 14:09:08 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-9292519 --- package-lock.json | 18 +++++++++--------- package.json | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2a09f7f..d0c0e50 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,17 +1,17 @@ { "name": "github-cognito-openid-wrapper", - "version": "1.2.1", + "version": "2.0.0", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "github-cognito-openid-wrapper", - "version": "1.2.1", + "version": "2.0.0", "hasInstallScript": true, "license": "ISC", "dependencies": { "@snyk/protect": "^1.1292.1", - "axios": "^1.7.7", + "axios": "^1.8.2", "body-parser": "^1.20.2", "colors": "^1.4.0", "express": "^4.21.1", @@ -3479,9 +3479,9 @@ } }, "node_modules/axios": { - "version": "1.7.7", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.7.tgz", - "integrity": "sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==", + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz", + "integrity": "sha512-ls4GYBm5aig9vWx8AWDSGLpnpDQRtWAfrjU+EuytuODrFBkqesN2RkOQCBzrA1RQNHw1SmRMSDDDSwzNAYQ6Rg==", "license": "MIT", "dependencies": { "follow-redirects": "^1.15.6", @@ -16448,9 +16448,9 @@ "dev": true }, "axios": { - "version": "1.7.7", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.7.tgz", - "integrity": "sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==", + "version": "1.8.2", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.2.tgz", + "integrity": "sha512-ls4GYBm5aig9vWx8AWDSGLpnpDQRtWAfrjU+EuytuODrFBkqesN2RkOQCBzrA1RQNHw1SmRMSDDDSwzNAYQ6Rg==", "requires": { "follow-redirects": "^1.15.6", "form-data": "^4.0.0", diff --git a/package.json b/package.json index fefdfb5..9c4b7d1 100644 --- a/package.json +++ b/package.json @@ -31,7 +31,7 @@ "license": "ISC", "dependencies": { "@snyk/protect": "^1.1292.1", - "axios": "^1.7.7", + "axios": "^1.8.2", "body-parser": "^1.20.2", "colors": "^1.4.0", "express": "^4.21.1",