Skip to content

Commit

Permalink
Upgraded Axios version
Browse files Browse the repository at this point in the history 
Current Axios version was 0.21.4, this version has a CSRF vulnerability.
axios/axios#6022.

v1.6.0 has fixed this problem, upgrade Axios to that version.
Reference: axios/axios#6028

The package-lock.json was generated by pointing bitbake at my local repo
and building the image. devtool modify -n  webui-vue <local repo>

This uses the npm version in yocto 10.4.0.

Tested: Loaded this on a p10bmc and GUI looked good.

Signed-off-by: Nikhil Ashoka <a.nikhil@ibm.com>
Change-Id: Ifb0d64c7d4d15d2396ee6d83d609ab8522d9e247
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
  • Loading branch information
@Nikhil-Ashoka @gtmills
Nikhil-Ashoka authored and gtmills committed Apr 2, 2024
1 parent 264589a commit 129aecd
Show file tree
Hide file tree
Showing 2 changed files with 71 additions and 34 deletions.
103 changes: 70 additions & 33 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Expand Up @@ -17,7 +17,7 @@
"dependencies": {
"@carbon/icons-vue": "10.28.0",
"@novnc/novnc": "1.2.0",
"axios": "0.21.4",
"axios": "1.6.0",
"bootstrap": "4.6.0",
"bootstrap-vue": "2.21.2",
"core-js": "3.9.1",
Expand Down

0 comments on commit 129aecd

Please sign in to comment.