From 0e6d8aca441fa96e38af2bbd062a83d37475fe74 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 11 Feb 2026 00:02:41 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-15252993 --- package-lock.json | 35 +++++++++++++++++++++++++++++------ package.json | 2 +- 2 files changed, 30 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index 20a13d2d..431b50a5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -26,7 +26,7 @@ "adm-zip": "0.5.16", "ajv-formats": "3.0.1", "atob": "2.1.2", - "axios": "1.13.4", + "axios": "^1.13.5", "chai": "4.4.1", "connection-string": "^5.0.0", "cookie-parser": "1.4.7", @@ -2175,6 +2175,17 @@ "integrity": "sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ==", "license": "BSD-3-Clause" }, + "node_modules/@mojaloop/central-services-shared/node_modules/axios": { + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.4.tgz", + "integrity": "sha512-1wVkUaAO6WyaYtCkcYCOx12ZgpGf9Zif+qXa4n+oYzK558YryKqiL6UWwd5DqiH3VRW0GYhTZQ/vlgJrCoNQlg==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.4", + "proxy-from-env": "^1.1.0" + } + }, "node_modules/@mojaloop/central-services-shared/node_modules/dotenv": { "version": "17.2.3", "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.2.3.tgz", @@ -2440,6 +2451,17 @@ "jws": "4.0.1" } }, + "node_modules/@mojaloop/sdk-standard-components/node_modules/axios": { + "version": "1.13.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.4.tgz", + "integrity": "sha512-1wVkUaAO6WyaYtCkcYCOx12ZgpGf9Zif+qXa4n+oYzK558YryKqiL6UWwd5DqiH3VRW0GYhTZQ/vlgJrCoNQlg==", + "license": "MIT", + "dependencies": { + "follow-redirects": "^1.15.6", + "form-data": "^4.0.4", + "proxy-from-env": "^1.1.0" + } + }, "node_modules/@mongodb-js/saslprep": { "version": "1.4.4", "resolved": "https://registry.npmjs.org/@mongodb-js/saslprep/-/saslprep-1.4.4.tgz", @@ -3864,12 +3886,13 @@ } }, "node_modules/axios": { - "version": "1.13.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.4.tgz", - "integrity": "sha512-1wVkUaAO6WyaYtCkcYCOx12ZgpGf9Zif+qXa4n+oYzK558YryKqiL6UWwd5DqiH3VRW0GYhTZQ/vlgJrCoNQlg==", + "version": "1.13.5", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz", + "integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==", + "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.4", + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", "proxy-from-env": "^1.1.0" } }, diff --git a/package.json b/package.json index 5a6cf1fd..f16ef474 100644 --- a/package.json +++ b/package.json @@ -88,7 +88,7 @@ "adm-zip": "0.5.16", "ajv-formats": "3.0.1", "atob": "2.1.2", - "axios": "1.13.4", + "axios": "1.13.5", "chai": "4.4.1", "connection-string": "^5.0.0", "cookie-parser": "1.4.7",