From 89b94f844ec91b70486e27b8834c76831f07c238 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 1 Dec 2024 06:01:39 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6671926
---
 package.json |  2 +-
 yarn.lock    | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index a5edce5d..07ef7daa 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
     "@types/node-fetch": "^2.6.4",
     "@types/ref-struct-di": "^1.1.9",
     "@types/ws": "^8.5.4",
-    "axios": "^1.4.0",
+    "axios": "^1.7.8",
     "body-parser": "^1.20.0",
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",
diff --git a/yarn.lock b/yarn.lock
index 486caa5d..a4afa1c2 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2803,7 +2803,7 @@ available-typed-arrays@^1.0.7:
   dependencies:
     possible-typed-array-names "^1.0.0"
 
-axios@^1.4.0, axios@^1.6.3:
+axios@^1.6.3:
   version "1.7.3"
   resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.3.tgz#a1125f2faf702bc8e8f2104ec3a76fab40257d85"
   integrity sha512-Ar7ND9pU99eJ9GpoGQKhKf58GpUOgnzuaB7ueNQ5BMi0p+LZ5oaEnfF999fAArcTIBwXTCHAmGcHOZJaWPq9Nw==
@@ -2812,6 +2812,15 @@ axios@^1.4.0, axios@^1.6.3:
     form-data "^4.0.0"
     proxy-from-env "^1.1.0"
 
+axios@^1.7.8:
+  version "1.7.8"
+  resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.8.tgz#1997b1496b394c21953e68c14aaa51b7b5de3d6e"
+  integrity sha512-Uu0wb7KNqK2t5K+YQyVCLM76prD5sRFjKHbJYCP1J7JFGEQ6nN7HWn9+04LAeiJ3ji54lgS/gZCH1oxyrf1SPw==
+  dependencies:
+    follow-redirects "^1.15.6"
+    form-data "^4.0.0"
+    proxy-from-env "^1.1.0"
+
 b64-lite@^1.3.1, b64-lite@^1.4.0:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/b64-lite/-/b64-lite-1.4.0.tgz#e62442de11f1f21c60e38b74f111ac0242283d3d"