Commit dd7729a
Pin axios to 1.13.5 to avoid compromised version (#1528)
* Pin axios to 1.13.5 to avoid compromised version
- Remove caret from axios override to pin exactly to 1.13.5
- Prevents npm from resolving to axios@1.14.1 which was found to
contain a Remote Access Trojan via hijacked npm credentials
- axios is a transitive dep via @fluidframework/server-services-client
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* Update package-lock.json with pinned axios 1.13.5
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Priyanshu Agrawal <priyanshuag@Priyanshus-MacBook-Pro.local>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent 3c5d101 commit dd7729a
2 files changed
Lines changed: 12 additions & 11 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1852 | 1852 | | |
1853 | 1853 | | |
1854 | 1854 | | |
1855 | | - | |
| 1855 | + | |
1856 | 1856 | | |
1857 | 1857 | | |
1858 | 1858 | | |
| |||
0 commit comments