Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Update axios dependency due to security vulnerability
See original GitHub issueDo you want to request a feature or report a bug? Report an outdated, vulnerable dependency.
What is the current behavior?
axios is not updated to a fixed version for the following advisory ( https://www.npmjs.com/advisories/1594 ) as bundlesize depends on axios ^0.19.0 which prevents npm from updating the dependency to 0.21.1 or higher.
If the current behavior is a bug, please provide the steps to reproduce. N/A
What is the expected behavior?
axios dependency is updated to >=0.21.1 to depend on a version that fixes the following advisory: https://www.npmjs.com/advisories/1594
If this is a feature request, what is motivation or use case for changing the behavior? N/A
Please mention other relevant information. N/A
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (2 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Fixed in bundlesize@0.18.1
Also fixed in https://github.com/siddharthkp/bundlesize2