mirror of https://github.com/openclaw/openclaw.git
build: pin axios to 1.13.6
Pin axios through pnpm overrides and collapse the lockfile to a single 1.13.6 resolution. This avoids accidental adoption of the compromised axios releases called out in the ongoing supply chain attack reports while upstream guidance settles.
This commit is contained in:
Gustavo Madeira Santana
parent
4d912e0451
commit
f8af407c86
|
|
@ -1241,6 +1241,7 @@
|
|||
"overrides": {
|
||||
"hono": "4.12.9",
|
||||
"@hono/node-server": "1.19.10",
|
||||
"axios": "1.13.6",
|
||||
"fast-xml-parser": "5.5.7",
|
||||
"request": "npm:@cypress/request@3.0.10",
|
||||
"request-promise": "npm:@cypress/request-promise@5.0.0",
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ settings:
|
|||
overrides:
|
||||
hono: 4.12.9
|
||||
'@hono/node-server': 1.19.10
|
||||
axios: 1.13.6
|
||||
fast-xml-parser: 5.5.7
|
||||
request: npm:@cypress/request@3.0.10
|
||||
request-promise: npm:@cypress/request-promise@5.0.0
|
||||
|
|
@ -3773,9 +3774,6 @@ packages:
|
|||
resolution: {integrity: sha512-zJAaP9zxTcvTHRlejau3ZOY4V7SRpiByf3/dxx2uyKxxor19tpmpV2QRsTKikckwhaPmr2dVpxxMr7jOCYVp5g==}
|
||||
engines: {node: '>=6.0.0'}
|
||||
|
||||
axios@1.13.5:
|
||||
resolution: {integrity: sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==}
|
||||
|
||||
axios@1.13.6:
|
||||
resolution: {integrity: sha512-ChTCHMouEe2kn713WHbQGcuYrr6fXTBiu460OTwWrWob16g1bXn4vtz07Ope7ewMozJAnEquLk5lWQWtBig9DQ==}
|
||||
|
||||
|
|
@ -8282,7 +8280,7 @@ snapshots:
|
|||
dependencies:
|
||||
'@types/node': 24.10.13
|
||||
optionalDependencies:
|
||||
axios: 1.13.5
|
||||
axios: 1.13.6
|
||||
transitivePeerDependencies:
|
||||
- debug
|
||||
|
||||
|
|
@ -9269,7 +9267,7 @@ snapshots:
|
|||
'@slack/types': 2.20.0
|
||||
'@slack/web-api': 7.15.0
|
||||
'@types/express': 5.0.6
|
||||
axios: 1.13.5
|
||||
axios: 1.13.6
|
||||
express: 5.2.1
|
||||
path-to-regexp: 8.4.0
|
||||
raw-body: 3.0.2
|
||||
|
|
@ -9321,7 +9319,7 @@ snapshots:
|
|||
'@slack/types': 2.20.1
|
||||
'@types/node': 25.5.0
|
||||
'@types/retry': 0.12.0
|
||||
axios: 1.13.5
|
||||
axios: 1.13.6
|
||||
eventemitter3: 5.0.4
|
||||
form-data: 2.5.4
|
||||
is-electron: 2.2.2
|
||||
|
|
@ -10283,14 +10281,6 @@ snapshots:
|
|||
|
||||
await-to-js@3.0.0: {}
|
||||
|
||||
axios@1.13.5:
|
||||
dependencies:
|
||||
follow-redirects: 1.15.11
|
||||
form-data: 2.5.4
|
||||
proxy-from-env: 1.1.0
|
||||
transitivePeerDependencies:
|
||||
- debug
|
||||
|
||||
axios@1.13.6:
|
||||
dependencies:
|
||||
follow-redirects: 1.15.11
|
||||
|
|
|
|||
Loading…
Reference in New Issue