Commit c825692
committed
fix(security): pin axios to ^1.15.0 to remediate CVE-2025-58754
Axios versions 1.9.0-1.13.4 are vulnerable to DoS via large data schemes.
Force resolution to ^1.15.0 (resolves to 1.18.0) via npm overrides.
Regenerated package-lock.json for npm ci compatibility.
Refs: CVE-2025-587541 parent e6febe6 commit c825692
2 files changed
Lines changed: 28 additions & 30 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
119 | 119 | | |
120 | 120 | | |
121 | 121 | | |
| 122 | + | |
| 123 | + | |
| 124 | + | |
122 | 125 | | |
123 | 126 | | |
0 commit comments