[Dependency update] - Vulnerable axios dependency
kemotx90 opened this issue ยท 4 comments
kemotx90 commented
๐ Report:
Describe the bug
Current version use vulnerable axios dependency
Expected behavior
Axios >1.7.3
Screenshots
Operation System (please complete the following information):
- OS: Windows
- Version 10
Package System (please complete the following information):
- Version 2.13.4
markus-ebner commented
Should be resolved in #789 (review) but it still needs approval from a contributor :)
TimoReckling commented
Should be resolved in #789 (review) but it still needs approval from a contributor :)
But don't we also need an update of @nestjs/axios to its newest version such that that also uses axios 1.7.4 https://github.com/nestjs/axios/releases/tag/3.0.3
TimoReckling commented
@kay-schecker I don't know if you got assigned or assigned yourself, but can you have a look at this security update?