diff --git a/packages/api-v4/.changeset/pr-10291-tech-stories-1710770920874.md b/packages/api-v4/.changeset/pr-10291-tech-stories-1710770920874.md new file mode 100644 index 00000000000..4d719b8a791 --- /dev/null +++ b/packages/api-v4/.changeset/pr-10291-tech-stories-1710770920874.md @@ -0,0 +1,5 @@ +--- +"@linode/api-v4": Tech Stories +--- + +Update `axios` to resolve `follow-redirects` CVE-2024-28849 ([#10291](https://github.com/linode/manager/pull/10291)) diff --git a/packages/api-v4/package.json b/packages/api-v4/package.json index 4b13695ece2..1ea8690d26c 100644 --- a/packages/api-v4/package.json +++ b/packages/api-v4/package.json @@ -41,7 +41,7 @@ "unpkg": "./lib/index.global.js", "dependencies": { "@linode/validation": "*", - "axios": "~1.6.5", + "axios": "~1.6.8", "ipaddr.js": "^2.0.0", "yup": "^0.32.9" }, diff --git a/packages/manager/.changeset/pr-10291-tech-stories-1710770854595.md b/packages/manager/.changeset/pr-10291-tech-stories-1710770854595.md new file mode 100644 index 00000000000..82612132b73 --- /dev/null +++ b/packages/manager/.changeset/pr-10291-tech-stories-1710770854595.md @@ -0,0 +1,5 @@ +--- +"@linode/manager": Tech Stories +--- + +Update `axios` to resolve `follow-redirects` CVE-2024-28849 ([#10291](https://github.com/linode/manager/pull/10291)) diff --git a/packages/manager/package.json b/packages/manager/package.json index 5b59d08dabd..bf5bbed9477 100644 --- a/packages/manager/package.json +++ b/packages/manager/package.json @@ -27,7 +27,7 @@ "@tanstack/react-query": "4.36.1", "@tanstack/react-query-devtools": "4.36.1", "algoliasearch": "^4.14.3", - "axios": "~1.6.5", + "axios": "~1.6.8", "braintree-web": "^3.92.2", "chart.js": "~2.9.4", "copy-to-clipboard": "^3.0.8", diff --git a/yarn.lock b/yarn.lock index e3992646f1a..d23693d56b6 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4969,12 +4969,12 @@ axios-mock-adapter@^1.22.0: fast-deep-equal "^3.1.3" is-buffer "^2.0.5" -axios@~1.6.5: - version "1.6.7" - resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.7.tgz#7b48c2e27c96f9c68a2f8f31e2ab19f59b06b0a7" - integrity sha512-/hDJGff6/c7u0hDkvkGxR/oy6CbCs8ziCsC7SqmhjfozqiJGc8Z11wrv9z9lYfY4K8l+H9TpjcMDX0xOZmx+RA== +axios@~1.6.8: + version "1.6.8" + resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.8.tgz#66d294951f5d988a00e87a0ffb955316a619ea66" + integrity sha512-v/ZHtJDU39mDpyBoFVkETcd/uNdxrWRrg3bKpOKzXFA6Bvqopts6ALSMU3y6ijYxbw2B+wPrIv46egTzJXCLGQ== dependencies: - follow-redirects "^1.15.4" + follow-redirects "^1.15.6" form-data "^4.0.0" proxy-from-env "^1.1.0" @@ -7592,10 +7592,10 @@ flow-parser@0.*: resolved "https://registry.yarnpkg.com/flow-parser/-/flow-parser-0.228.0.tgz#0b801507c8cf44257338596b49bd0904caea2026" integrity sha512-xPWkzCO07AnS8X+fQFpWm+tJ+C7aeaiVzJ+rSepbkCXUvUJ6l6squEl63axoMcixyH4wLjmypOzq/+zTD0O93w== -follow-redirects@^1.15.4: - version "1.15.5" - resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.5.tgz#54d4d6d062c0fa7d9d17feb008461550e3ba8020" - integrity sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw== +follow-redirects@^1.15.6: + version "1.15.6" + resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.15.6.tgz#7f815c0cda4249c74ff09e95ef97c23b5fd0399b" + integrity sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA== font-logos@^0.18.0: version "0.18.0"