update axios and ws to patch security issue (unexploitable in our case)

2024-10-15 22:00:39 -04:00 · 2024-10-15 22:00:39 -04:00 · af3bb7346e
commit af3bb7346e
parent 1f53df66d4
2 changed files with 13 additions and 13 deletions
--- a/packages/megalodon/package.json
+++ b/packages/megalodon/package.json
@ -62,7 +62,7 @@
    "@types/parse-link-header": "^2.0.3",
    "@types/uuid": "^9.0.7",
    "@types/ws": "^8.5.10",
-    "axios": "1.6.0",
+    "axios": "1.7.4",
    "dayjs": "^1.11.10",
    "form-data": "^4.0.0",
    "https-proxy-agent": "^7.0.2",
@ -72,7 +72,7 @@
    "socks-proxy-agent": "^8.0.2",
    "typescript": "5.1.6",
    "uuid": "^9.0.1",
-    "ws": "8.14.2"
+    "ws": "8.17.1"
  },
  "devDependencies": {
    "@typescript-eslint/eslint-plugin": "^6.12.0",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@ -1291,8 +1291,8 @@ importers:
        specifier: ^8.5.10
        version: 8.5.11
      axios:
-        specifier: 1.6.0
-        version: 1.6.0
+        specifier: 1.7.4
+        version: 1.7.4
      dayjs:
        specifier: ^1.11.10
        version: 1.11.10
@ -1321,8 +1321,8 @@ importers:
        specifier: ^9.0.1
        version: 9.0.1
      ws:
-        specifier: 8.14.2
-        version: 8.14.2(bufferutil@4.0.8)(utf-8-validate@6.0.4)
+        specifier: 8.17.1
+        version: 8.17.1(bufferutil@4.0.8)(utf-8-validate@6.0.4)
    devDependencies:
      '@typescript-eslint/eslint-plugin':
        specifier: ^6.12.0
@ -5584,8 +5584,8 @@ packages:
  axios@0.24.0:
    resolution: {integrity: sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==}

-  axios@1.6.0:
-    resolution: {integrity: sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==}
+  axios@1.7.4:
+    resolution: {integrity: sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==}

  axios@1.7.7:
    resolution: {integrity: sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==}
@ -11554,8 +11554,8 @@ packages:
    resolution: {integrity: sha512-7KxauUdBmSdWnmpaGFg+ppNjKF8uNLry8LyzjauQDOVONfFLNKrKvQOxZ/VuTIcS/gge/YNahf5RIIQWTSarlg==}
    engines: {node: ^12.13.0 || ^14.15.0 || >=16.0.0}

-  ws@8.14.2:
-    resolution: {integrity: sha512-wEBG1ftX4jcglPxgFCMJmZ2PLtSbJ2Peg6TmpJFTbe9GZYOQCDPdMYu/Tm0/bGZkw8paZnJY45J4K2PZrLYq8g==}
+  ws@8.17.1:
+    resolution: {integrity: sha512-6XQFvXTkbfUOZOKKILFG1PDK2NDQs4azKQl26T0YS5CxqWLgXajbPZ+h4gZekJyRqFU8pvnbAbbs/3TgRPy+GQ==}
    engines: {node: '>=10.0.0'}
    peerDependencies:
      bufferutil: ^4.0.1
@ -16686,9 +16686,9 @@ snapshots:
    transitivePeerDependencies:
      - debug

-  axios@1.6.0:
+  axios@1.7.4:
    dependencies:
-      follow-redirects: 1.15.2
+      follow-redirects: 1.15.9(debug@4.3.7)
      form-data: 4.0.0
      proxy-from-env: 1.1.0
    transitivePeerDependencies:
@ -24004,7 +24004,7 @@ snapshots:
      imurmurhash: 0.1.4
      signal-exit: 3.0.7

-  ws@8.14.2(bufferutil@4.0.8)(utf-8-validate@6.0.4):
+  ws@8.17.1(bufferutil@4.0.8)(utf-8-validate@6.0.4):
    optionalDependencies:
      bufferutil: 4.0.8
      utf-8-validate: 6.0.4