Fixed #17: upgrade axios from 0.21.4 to 1.7.8 to fix CVE-2024-57965#18
Open
anil-g11h wants to merge 2 commits intobshreddy:masterfrom
Open
Fixed #17: upgrade axios from 0.21.4 to 1.7.8 to fix CVE-2024-57965#18anil-g11h wants to merge 2 commits intobshreddy:masterfrom
anil-g11h wants to merge 2 commits intobshreddy:masterfrom
Conversation
anil-g11h
force-pushed
the
security/upgrade-axios-cve-2024-57965
branch
from
caee7db to
9a19a3f
Compare
…-57965 - Updates axios dependency from ^0.21.4 to ^1.7.8 - Fixes critical security vulnerability CVE-2024-57965 (CVSS 9.8) - The vulnerability in axios < 1.7.8 affects isURLSameOrigin.js - This fix prevents potential cross-origin request vulnerabilities - Add "dom" to TypeScript lib to support Fetch API types required by axios 1.7.8 Fixes: CVE-2024-57965 BREAKING CHANGE: axios 1.x may have minor API changes from 0.21.x
anil-g11h
force-pushed
the
security/upgrade-axios-cve-2024-57965
branch
from
9a19a3f to
86b1654
Compare
…ility - Add eslint-import-resolver-typescript to resolve ESM imports correctly - Configure ESLint TypeScript resolver and disable import/namespace for test files - Configure Jest to use axios CommonJS build for compatibility with ts-jest - Update Joi test schemas to allow unknown fields from newer Vault versions - All 36 tests now passing with 96.94% code coverage
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes: CVE-2024-57965
BREAKING CHANGE: axios 1.x may have minor API changes from 0.21.x