From 129aecd0d575fa12a73850387f081f1cf31a9050 Mon Sep 17 00:00:00 2001
From: Nikhil Ashoka <a.nikhil@ibm.com>
Date: Wed, 27 Mar 2024 16:00:49 +0530
Subject: Upgraded Axios version

Current Axios version was 0.21.4, this version has a CSRF vulnerability.
https://github.com/axios/axios/issues/6022.

v1.6.0 has fixed this problem, upgrade Axios to that version.
Reference: https://github.com/axios/axios/pull/6028

The package-lock.json was generated by pointing bitbake at my local repo
and building the image. devtool modify -n  webui-vue <local repo>

This uses the npm version in yocto 10.4.0.

Tested: Loaded this on a p10bmc and GUI looked good.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: Ifb0d64c7d4d15d2396ee6d83d609ab8522d9e247
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'package.json')

diff --git a/package.json b/package.json
index b0ee3401..efdb8081 100644
--- a/package.json
+++ b/package.json
@@ -17,7 +17,7 @@
     "dependencies": {
         "@carbon/icons-vue": "10.28.0",
         "@novnc/novnc": "1.2.0",
-        "axios": "0.21.4",
+        "axios": "1.6.0",
         "bootstrap": "4.6.0",
         "bootstrap-vue": "2.21.2",
         "core-js": "3.9.1",
-- 
cgit v1.2.3