From 40453f319bcfa34f89ea1f1e169c5d4298e17015 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Dec 2023 15:38:54 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-6124857 --- package-lock.json | 36 ++++++++++++++++++++++++------------ package.json | 2 +- 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 959c6ce..f5f7239 100644 --- a/package-lock.json +++ b/package-lock.json @@ -16,7 +16,7 @@ "@testing-library/react": "^11.2.7", "@testing-library/user-event": "^12.8.3", "@ya.praktikum/react-developer-burger-ui-components": "^1.13.1", - "axios": "^0.27.2", + "axios": "^1.6.3", "is-email": "^1.0.2", "nanoid": "^3.2.0", "react": "^16.8.6", @@ -29,6 +29,7 @@ "redux": "^4.1.2", "redux-thunk": "^2.4.1", "redux-toolkit": "^1.1.2", + "typescript": "^4.7.2", "typescript-cookie": "^1.0.3", "web-vitals": "^1.1.2" }, @@ -5620,13 +5621,13 @@ } }, "node_modules/axios": { - "version": "0.27.2", - "resolved": "https://npm.prakticum-team.ru/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", - "license": "MIT", + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", + "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", "dependencies": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/axios/node_modules/form-data": { @@ -15011,6 +15012,11 @@ "node": ">= 0.10" } }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/psl": { "version": "1.8.0", "resolved": "https://npm.prakticum-team.ru/psl/-/psl-1.8.0.tgz", @@ -23138,12 +23144,13 @@ "dev": true }, "axios": { - "version": "0.27.2", - "resolved": "https://npm.prakticum-team.ru/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "version": "1.6.3", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.3.tgz", + "integrity": "sha512-fWyNdeawGam70jXSVlKl+SUNVcL6j6W79CuSIPfi6HnDUmSCH6gyUys/HrqHeA/wU0Az41rRgean494d0Jb+ww==", "requires": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" }, "dependencies": { "form-data": { @@ -29807,6 +29814,11 @@ } } }, + "proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "psl": { "version": "1.8.0", "resolved": "https://npm.prakticum-team.ru/psl/-/psl-1.8.0.tgz", diff --git a/package.json b/package.json index fdecb75..f7b38f6 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "@testing-library/react": "^11.2.7", "@testing-library/user-event": "^12.8.3", "@ya.praktikum/react-developer-burger-ui-components": "^1.13.1", - "axios": "^0.27.2", + "axios": "^1.6.3", "is-email": "^1.0.2", "nanoid": "^3.2.0", "react": "^16.8.6",