From 0e66018c4e5b4ef9be2d9e4c992088a997d8a6fb Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 26 Apr 2026 20:27:26 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-16298055
- https://snyk.io/vuln/SNYK-JS-AXIOS-16298058
- https://snyk.io/vuln/SNYK-JS-AXIOS-16298095
- https://snyk.io/vuln/SNYK-JS-AXIOS-16298130
- https://snyk.io/vuln/SNYK-JS-AXIOS-16298162
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299478
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299819
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299904
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299921
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299923
- https://snyk.io/vuln/SNYK-JS-AXIOS-16299925
---
 package-lock.json | 19 ++++++++++++++-----
 package.json      |  2 +-
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 6408d15..f1a6ec8 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
       "version": "5.5.10",
       "license": "Apache-2.0",
       "dependencies": {
-        "axios": "^1.13.5",
+        "axios": "^1.15.2",
         "axios-retry": "^4.5.0",
         "glob": "^13.0.6",
         "http-proxy-agent": "^7.0.2",
@@ -1993,14 +1993,14 @@
       }
     },
     "node_modules/axios": {
-      "version": "1.13.5",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz",
-      "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==",
+      "version": "1.15.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.15.2.tgz",
+      "integrity": "sha512-wLrXxPtcrPTsNlJmKjkPnNPK2Ihe0hn0wGSaTEiHRPxwjvJwT3hKmXF4dpqxmPO9SoNb2FsYXj/xEo0gHN+D5A==",
       "license": "MIT",
       "dependencies": {
         "follow-redirects": "^1.15.11",
         "form-data": "^4.0.5",
-        "proxy-from-env": "^1.1.0"
+        "proxy-from-env": "^2.1.0"
       }
     },
     "node_modules/axios-retry": {
@@ -2015,6 +2015,15 @@
         "axios": "0.x || 1.x"
       }
     },
+    "node_modules/axios/node_modules/proxy-from-env": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-2.1.0.tgz",
+      "integrity": "sha512-cJ+oHTW1VAEa8cJslgmUZrc+sjRKgAKl3Zyse6+PV38hZe/V6Z14TbCuXcan9F9ghlz4QrFr2c92TNF82UkYHA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      }
+    },
     "node_modules/babel-jest": {
       "version": "29.7.0",
       "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.7.0.tgz",
diff --git a/package.json b/package.json
index 60e02d9..60814d8 100644
--- a/package.json
+++ b/package.json
@@ -26,7 +26,7 @@
     "node": ">=14.x"
   },
   "dependencies": {
-    "axios": "^1.13.5",
+    "axios": "^1.15.2",
     "axios-retry": "^4.5.0",
     "glob": "^13.0.6",
     "http-proxy-agent": "^7.0.2",