diff options
author | Nikhil Ashoka <a.nikhil@ibm.com> | 2024-03-27 13:30:49 +0300 |
---|---|---|
committer | Gunnar Mills <gmills@us.ibm.com> | 2024-04-02 23:59:32 +0300 |
commit | 129aecd0d575fa12a73850387f081f1cf31a9050 (patch) | |
tree | eee6c52dd086cc827fadf04c9a599bc0a0c56409 /package.json | |
parent | 264589a68fb1cf0120feb0915fceb3f3c6e0f0e1 (diff) | |
download | webui-vue-129aecd0d575fa12a73850387f081f1cf31a9050.tar.xz |
Upgraded Axios version
Current Axios version was 0.21.4, this version has a CSRF vulnerability.
https://github.com/axios/axios/issues/6022.
v1.6.0 has fixed this problem, upgrade Axios to that version.
Reference: https://github.com/axios/axios/pull/6028
The package-lock.json was generated by pointing bitbake at my local repo
and building the image. devtool modify -n webui-vue <local repo>
This uses the npm version in yocto 10.4.0.
Tested: Loaded this on a p10bmc and GUI looked good.
Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: Ifb0d64c7d4d15d2396ee6d83d609ab8522d9e247
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Diffstat (limited to 'package.json')
-rw-r--r-- | package.json | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package.json b/package.json index b0ee3401..efdb8081 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "dependencies": { "@carbon/icons-vue": "10.28.0", "@novnc/novnc": "1.2.0", - "axios": "0.21.4", + "axios": "1.6.0", "bootstrap": "4.6.0", "bootstrap-vue": "2.21.2", "core-js": "3.9.1", |