Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Axios to 1.7.4 to remove high severity vulnerability #1874

Closed
1 of 7 tasks
Saku75 opened this issue Aug 15, 2024 · 1 comment · Fixed by #1875
Closed
1 of 7 tasks

Update Axios to 1.7.4 to remove high severity vulnerability #1874

Saku75 opened this issue Aug 15, 2024 · 1 comment · Fixed by #1875
Labels
pkg:web-api applies to `@slack/web-api` security semver:patch

Comments

@Saku75
Copy link

Saku75 commented Aug 15, 2024

As of yesterday, Axios fixed this vulnerability. How much work needs to be done to update Axios?

Let me know if i posted this correctly, wasn't sure what to call it.

Packages:

Select all that apply:

  • @slack/web-api
  • @slack/rtm-api
  • @slack/webhooks
  • @slack/oauth
  • @slack/socket-mode
  • @slack/types
  • I don't know

Requirements

Please read the Contributing guidelines and Code of Conduct before creating this issue or pull request. By submitting, you are agreeing to those rules.

@filmaj
Copy link
Contributor

filmaj commented Aug 15, 2024

The fix for this should be live in @slack/web-api v7.3.4.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pkg:web-api applies to `@slack/web-api` security semver:patch
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants