Pin axios to 1.14.0

Avoid possible supply chain attacks in future caused by compromised author account or even rogue author.
2026-04-18 18:54:07 +00:00 · 2026-04-02 16:14:14 +02:00
parent 3ceb08bc31
commit 0be747a483
2 changed files with 2 additions and 2 deletions
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
    "@vuelidate/core": "^2.0.3",
    "@vuelidate/validators": "^2.0.4",
    "@vueuse/core": "^12.4.0",
-    "axios": "^1",
+    "axios": "1.14.0",
    "chart.js": "^2.9.4",
    "guid": "^0.0.12",
    "laravel-vite-plugin": "^3.0.0",
--- a/yarn.lock
+++ b/yarn.lock
@@ -734,7 +734,7 @@ asynckit@^0.4.0:
  resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"
  integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==

-axios@^1:
+axios@1.14.0:
  version "1.14.0"
  resolved "https://registry.npmjs.org/axios/-/axios-1.14.0.tgz"
  integrity sha512-3Y8yrqLSwjuzpXuZ0oIYZ/XGgLwUIBU3uLvbcpb0pidD9ctpShJd43KSlEEkVQg6DS0G9NKyzOvBfUtDKEyHvQ==