New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updating follow-redirects to version 1.14.7 #4379
Updating follow-redirects to version 1.14.7 #4379
Conversation
This line of code, I believe, will use the most recent patch version when installing. "follow-redirects": "^1.14.4" As a result, when you try to install Axios, it will resolve to |
Hey, yes this works! Thanks for your comment. Is necessary to keep this PR just to update this library? |
You can use resolutions in your package.json "resolutions": {
"axios/follow-redirects": "^1.14.4"
} Then you can upgrade it with yarn with |
Cool thanks, I know you can do the resolutions and that it should install the latest, but I will still accept this PR as cutting a new release on axios will cause things like dependabot to send out notices to update, release should be out tonight :) |
Thanks for fixing this. Any idea on when it will be released? |
This was more for other people that came across this and needed a fast solution due to security concerns from SNYK. |
Hi @gussalesdev and team, Thanks for fixing this. |
Will be in the next few hours |
Thanks for the quick fix everyone! |
Seems like the release hasn't happened yet |
Any update on the release? We've had to point to the specific commit with the fix in it to unblock our pipeline at the moment. |
Any update ? Need to fix some modules on a big amount of servers .. 😅 |
Released 🎉 |
Co-authored-by: Gustavo Sales <gustavo@blastradius.ai>
I notice the current version of
axios@0.24.0
is using thefollow-redirects@1.14.6
and recently was discovered a security vulnerability that was fixed onfollow-redirects@1.14.7
.The overview of error is:
Here is the from
follow-redirects
commit with the fix that is currently on version1.14.7
: follow-redirects/follow-redirects@8b347cb.