Commit 212d704
committed
Temporary override package axios
Upstream issue, node-red/node-red-admin#55.
$ npm audit
axios <=1.13.4
Severity: high
Axios is Vulnerable to Denial of Service via __proto__ Key in mergeConfig - GHSA-43fc-jf86-j433
fix available via `npm audit fix --force`
Will install node-red@4.0.9, which is a breaking change
node_modules/axios
node-red-admin 0.2.0 - 3.1.0 || >=4.0.2
Depends on vulnerable versions of axios
node_modules/node-red-admin
node-red 1.1.0-beta.1 - 2.2.3 || >=4.1.0-beta.1
Depends on vulnerable versions of node-red-admin
node_modules/node-red
3 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
$ npm ls axios
@hlovdal/node-red-lowercase-in-typescript-cjs@1.0.0 /download/src/egne/hlovdal-node-red-lowercase-in-typescript
├─┬ node-red@4.1.4
│ └─┬ node-red-admin@4.1.2
│ └── axios@1.12.2
└─┬ wait-on@9.0.3
└── axios@1.13.51 parent fda0e66 commit 212d704
2 files changed
+20
-17
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
48 | 48 | | |
49 | 49 | | |
50 | 50 | | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
51 | 54 | | |
52 | 55 | | |
53 | 56 | | |
| |||
0 commit comments