From 129aecd0d575fa12a73850387f081f1cf31a9050 Mon Sep 17 00:00:00 2001 From: Nikhil Ashoka Date: Wed, 27 Mar 2024 16:00:49 +0530 Subject: Upgraded Axios version Current Axios version was 0.21.4, this version has a CSRF vulnerability. https://github.com/axios/axios/issues/6022. v1.6.0 has fixed this problem, upgrade Axios to that version. Reference: https://github.com/axios/axios/pull/6028 The package-lock.json was generated by pointing bitbake at my local repo and building the image. devtool modify -n webui-vue This uses the npm version in yocto 10.4.0. Tested: Loaded this on a p10bmc and GUI looked good. Signed-off-by: Nikhil Ashoka Change-Id: Ifb0d64c7d4d15d2396ee6d83d609ab8522d9e247 Signed-off-by: Gunnar Mills --- package-lock.json | 103 +++++++++++++++++++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 71 insertions(+), 34 deletions(-) diff --git a/package-lock.json b/package-lock.json index be6d1dff..42eecbea 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "dependencies": { "@carbon/icons-vue": "10.28.0", "@novnc/novnc": "1.2.0", - "axios": "0.21.4", + "axios": "1.6.0", "bootstrap": "4.6.0", "bootstrap-vue": "2.21.2", "core-js": "3.9.1", @@ -3467,17 +3467,6 @@ "@xtuc/long": "4.2.2" } }, - "node_modules/@vue/cli-plugin-eslint/node_modules/acorn": { - "version": "8.11.3", - "dev": true, - "license": "MIT", - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, "node_modules/@vue/cli-plugin-eslint/node_modules/ansi-styles": { "version": "4.3.0", "dev": true, @@ -4111,6 +4100,18 @@ } } }, + "node_modules/@vue/cli-service/node_modules/acorn": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "dev": true, + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/@vue/cli-shared-utils": { "version": "4.5.19", "dev": true, @@ -5139,9 +5140,10 @@ } }, "node_modules/acorn": { - "version": "7.4.1", + "version": "8.11.3", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.11.3.tgz", + "integrity": "sha512-Y9rRfJG5jcKOE0CLisYbojUjIrIEE7AGMzA/Sm4BslANhbS+cDMpgBdcPT91oJ7OuJ9hYJBx59RjbhxVnrF8Xg==", "dev": true, - "license": "MIT", "bin": { "acorn": "bin/acorn" }, @@ -5670,7 +5672,6 @@ }, "node_modules/asynckit": { "version": "0.4.0", - "dev": true, "license": "MIT" }, "node_modules/atob": { @@ -5741,10 +5742,26 @@ "license": "MIT" }, "node_modules/axios": { - "version": "0.21.4", - "license": "MIT", + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", + "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", "dependencies": { - "follow-redirects": "^1.14.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" + } + }, + "node_modules/axios/node_modules/form-data": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz", + "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==", + "dependencies": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.8", + "mime-types": "^2.1.12" + }, + "engines": { + "node": ">= 6" } }, "node_modules/babel-code-frame": { @@ -7516,7 +7533,6 @@ }, "node_modules/combined-stream": { "version": "1.0.8", - "dev": true, "license": "MIT", "dependencies": { "delayed-stream": "~1.0.0" @@ -8835,7 +8851,6 @@ }, "node_modules/delayed-stream": { "version": "1.0.0", - "dev": true, "license": "MIT", "engines": { "node": ">=0.4.0" @@ -10164,17 +10179,6 @@ "url": "https://opencollective.com/eslint" } }, - "node_modules/espree/node_modules/acorn": { - "version": "8.11.3", - "dev": true, - "license": "MIT", - "bin": { - "acorn": "bin/acorn" - }, - "engines": { - "node": ">=0.4.0" - } - }, "node_modules/espree/node_modules/eslint-visitor-keys": { "version": "3.4.3", "dev": true, @@ -13210,6 +13214,18 @@ "jsdom": "^15.2.1" } }, + "node_modules/jest-environment-jsdom-fifteen/node_modules/acorn": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "dev": true, + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/jest-environment-jsdom-fifteen/node_modules/cssom": { "version": "0.4.4", "dev": true, @@ -13911,6 +13927,12 @@ "@hapi/hoek": "^9.0.0" } }, + "node_modules/jquery": { + "version": "3.7.1", + "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.7.1.tgz", + "integrity": "sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg==", + "peer": true + }, "node_modules/js-beautify": { "version": "1.15.1", "dev": true, @@ -15210,7 +15232,6 @@ }, "node_modules/mime-db": { "version": "1.52.0", - "dev": true, "license": "MIT", "engines": { "node": ">= 0.6" @@ -15218,7 +15239,6 @@ }, "node_modules/mime-types": { "version": "2.1.35", - "dev": true, "license": "MIT", "dependencies": { "mime-db": "1.52.0" @@ -17513,6 +17533,11 @@ "node": ">= 0.10" } }, + "node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/prr": { "version": "1.0.1", "dev": true, @@ -21949,6 +21974,18 @@ "node": ">= 6.14.4" } }, + "node_modules/webpack-bundle-analyzer/node_modules/acorn": { + "version": "7.4.1", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-7.4.1.tgz", + "integrity": "sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A==", + "dev": true, + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/webpack-bundle-analyzer/node_modules/commander": { "version": "2.20.3", "dev": true, diff --git a/package.json b/package.json index b0ee3401..efdb8081 100644 --- a/package.json +++ b/package.json @@ -17,7 +17,7 @@ "dependencies": { "@carbon/icons-vue": "10.28.0", "@novnc/novnc": "1.2.0", - "axios": "0.21.4", + "axios": "1.6.0", "bootstrap": "4.6.0", "bootstrap-vue": "2.21.2", "core-js": "3.9.1", -- cgit v1.2.3