fix(deps): override axios to >=1.15.0 to resolve SSRF vulnerability (GHSA-3p68-rc4w-qgx5)
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
dd5a4c9600
commit
1571902bb9
|
|
@ -26,6 +26,11 @@
|
|||
"prepare": "husky",
|
||||
"postinstall": "node scripts/rebuild-node-pty.js"
|
||||
},
|
||||
"pnpm": {
|
||||
"overrides": {
|
||||
"axios": ">=1.15.0"
|
||||
}
|
||||
},
|
||||
"devDependencies": {
|
||||
"@changesets/cli": "^2.29.8",
|
||||
"@eslint/js": "^10.0.1",
|
||||
|
|
|
|||
|
|
@ -4,6 +4,9 @@ settings:
|
|||
autoInstallPeers: true
|
||||
excludeLinksFromLockfile: false
|
||||
|
||||
overrides:
|
||||
axios: '>=1.15.0'
|
||||
|
||||
importers:
|
||||
|
||||
.:
|
||||
|
|
@ -1265,7 +1268,7 @@ packages:
|
|||
resolution: {integrity: sha512-lBehVhbnhvm41cFguZuy1FO+4x8NO3Qy/ooL0Jw4bdqTu21n7DmZMPsXEF0gL7/gNdTt4QkJGwaojy+8ExtE8w==}
|
||||
deprecated: Starting with v0.73.0, this package is bundled directly inside @hey-api/openapi-ts.
|
||||
peerDependencies:
|
||||
axios: '>= 1.0.0 < 2'
|
||||
axios: '>=1.15.0'
|
||||
|
||||
'@humanfs/core@0.19.1':
|
||||
resolution: {integrity: sha512-5DyQ4+1JEUzejeK1JGICcideyfUbGixgS9jNgex5nqkW+cY7WZhxBigmieN5Qnw9ZosSNVC9KQKyb+GUaGyKUA==}
|
||||
|
|
@ -2232,8 +2235,8 @@ packages:
|
|||
asynckit@0.4.0:
|
||||
resolution: {integrity: sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==}
|
||||
|
||||
axios@1.13.5:
|
||||
resolution: {integrity: sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==}
|
||||
axios@1.15.0:
|
||||
resolution: {integrity: sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q==}
|
||||
|
||||
balanced-match@1.0.2:
|
||||
resolution: {integrity: sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==}
|
||||
|
|
@ -3504,8 +3507,9 @@ packages:
|
|||
resolution: {integrity: sha512-y+WKFlBR8BGXnsNlIHFGPZmyDf3DFMoLhaflAnyZgV6rG6xu+JwesTo2Q9R6XwYmtmwAFCkAk3e35jEdoeh/3g==}
|
||||
engines: {node: '>=10'}
|
||||
|
||||
proxy-from-env@1.1.0:
|
||||
resolution: {integrity: sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==}
|
||||
proxy-from-env@2.1.0:
|
||||
resolution: {integrity: sha512-cJ+oHTW1VAEa8cJslgmUZrc+sjRKgAKl3Zyse6+PV38hZe/V6Z14TbCuXcan9F9ghlz4QrFr2c92TNF82UkYHA==}
|
||||
engines: {node: '>=10'}
|
||||
|
||||
punycode@2.3.1:
|
||||
resolution: {integrity: sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg==}
|
||||
|
|
@ -4743,9 +4747,9 @@ snapshots:
|
|||
'@eslint/core': 1.1.0
|
||||
levn: 0.4.1
|
||||
|
||||
'@hey-api/client-axios@0.2.12(axios@1.13.5)':
|
||||
'@hey-api/client-axios@0.2.12(axios@1.15.0)':
|
||||
dependencies:
|
||||
axios: 1.13.5
|
||||
axios: 1.15.0
|
||||
|
||||
'@humanfs/core@0.19.1': {}
|
||||
|
||||
|
|
@ -5737,11 +5741,11 @@ snapshots:
|
|||
|
||||
asynckit@0.4.0: {}
|
||||
|
||||
axios@1.13.5:
|
||||
axios@1.15.0:
|
||||
dependencies:
|
||||
follow-redirects: 1.15.11
|
||||
form-data: 4.0.5
|
||||
proxy-from-env: 1.1.0
|
||||
proxy-from-env: 2.1.0
|
||||
transitivePeerDependencies:
|
||||
- debug
|
||||
|
||||
|
|
@ -5872,11 +5876,11 @@ snapshots:
|
|||
'@ai-sdk/openai': 3.0.29(zod@3.25.76)
|
||||
'@cloudflare/workers-types': 4.20260214.0
|
||||
'@composio/mcp': 1.0.3-0
|
||||
'@hey-api/client-axios': 0.2.12(axios@1.13.5)
|
||||
'@hey-api/client-axios': 0.2.12(axios@1.15.0)
|
||||
'@langchain/core': 1.1.24(@opentelemetry/api@1.9.0)(openai@6.22.0(ws@8.19.0)(zod@3.25.76))
|
||||
'@langchain/openai': 1.2.7(@langchain/core@1.1.24(@opentelemetry/api@1.9.0)(openai@6.22.0(ws@8.19.0)(zod@3.25.76)))(ws@8.19.0)
|
||||
ai: 6.0.86(zod@3.25.76)
|
||||
axios: 1.13.5
|
||||
axios: 1.15.0
|
||||
chalk: 4.1.2
|
||||
cli-progress: 3.12.0
|
||||
commander: 12.1.0
|
||||
|
|
@ -6997,7 +7001,7 @@ snapshots:
|
|||
err-code: 2.0.3
|
||||
retry: 0.12.0
|
||||
|
||||
proxy-from-env@1.1.0: {}
|
||||
proxy-from-env@2.1.0: {}
|
||||
|
||||
punycode@2.3.1: {}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue