Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please upgrade apisauce to fix npm audit on axios version #732

Closed
blake-mealey opened this issue Jan 20, 2021 · 1 comment · Fixed by DyegoMaas/Replicante#27
Closed

Please upgrade apisauce to fix npm audit on axios version #732

blake-mealey opened this issue Jan 20, 2021 · 1 comment · Fixed by DyegoMaas/Replicante#27
Labels
released

Comments

@blake-mealey
Copy link

gluegun currently depends on apisauce ^1.0.1 which depends on a version of axios with the high severity vulnerability https://www.npmjs.com/advisories/1594. The latest version of apisauce depends on a version of axios without this vulnerability.

We would appreciate upgrading the dependency so that our npm audit scans do not give us these errors.
SimonJang added a commit to SimonJang/gluegun that referenced this issue Jan 27, 2021
@SimonJang
fix(deps): Update dependency apisauce to 2.0.1 - fixes infinitered#732
a411ecb
infinitered-circleci pushed a commit that referenced this issue Feb 15, 2021
@semantic-release-bot
chore(release): 4.6.1 [skip ci]
69ce257 
## [4.6.1](v4.6.0...v4.6.1) (2021-02-15)

### Bug Fixes

* **deps:** Update dependency apisauce to 2.0.1 - fixes [#732](#732) ([#733](#733)) ([9cbb727](9cbb727))
@infinitered-circleci
Copy link

🎉 This issue has been resolved in version 4.6.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

@dependabot dependabot bot mentioned this issue Mar 16, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bump gluegun from 4.5.0 to 4.6.1 DyegoMaas/Replicante
2 participants
@blake-mealey @infinitered-circleci