-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade axios to latest version #11987
Comments
Hi @AuthorProxy thanks for opening this feature request. Updating the version of axios is something that we are discussing internally and will provide a follow up soon. Also, I have re-added the additional fields from the issue template as well to match with other FR in our repo 😄 |
if it is possible - plz add possibility to setup interceptors and setup defaults, give access to internal axios instance |
This feature request just gained a lot of urgency with this CSRF vulnerability report from Snyk. See the issue in axios's repo here and here. It's not clear to me that any version of axios does not suffer from this, so upgrading to v1 may or may not be helpful in this regard. But assuming a patch is incoming soon, an upgrade of some kind will be necessary from |
Axios has now patched the issue in v1.6.0 |
Hi @milotoor thank you for sharing this! - The team is currently working to address this and will provide some updates soon. |
As a temporary work around you can add:
To your |
Hello @AuthorProxy and @milotoor, Thank you for reaching out regarding the Axios package flagged by your report. On November 6, 2023, Amplify has published a new version of the aws-amplify package, version 5.3.12, which upgrades our Axios dependency from 0.26.0 to 1.6.0. We recommend that you upgrade to the latest version of aws-amplify to address this issue. |
Is this related to a new or existing framework?
No response
Is this related to a new or existing API?
No response
Is this related to another service?
No response
Describe the feature you'd like to request
Upgrade axios to latest version
Describe the solution you'd like
Upgrade axios to latest version
Describe alternatives you've considered
Upgrade axios to latest version
Additional context
No response
Is this something that you'd be interested in working on?
The text was updated successfully, but these errors were encountered: