From dfa0ea8bbee60512d72901a1836bb7f0245e0b9f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 10 Apr 2026 12:19:09 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-AXIOS-15965856 --- package-lock.json | 35 +++++++++++++++++++++++------------ package.json | 2 +- 2 files changed, 24 insertions(+), 13 deletions(-) diff --git a/package-lock.json b/package-lock.json index 395c521..4e9e189 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "doc2vec", - "version": "2.7.0", + "version": "2.9.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "doc2vec", - "version": "2.7.0", + "version": "2.9.2", "license": "ISC", "dependencies": { "@aws-sdk/client-s3": "^3.1004.0", @@ -14,7 +14,7 @@ "@mozilla/readability": "^0.4.4", "@qdrant/js-client-rest": "^1.13.0", "@qdrant/qdrant-js": "^1.13.0", - "axios": "^1.6.2", + "axios": "^1.15.0", "better-sqlite3": "^11.9.1", "chalk": "^5.4.1", "cheerio": "^1.0.0-rc.12", @@ -3354,13 +3354,23 @@ "integrity": "sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==" }, "node_modules/axios": { - "version": "1.8.4", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.8.4.tgz", - "integrity": "sha512-eBSYY4Y68NNlHbHBMdeDmKNtDgXWhQsJcGqzO3iLUM0GraQFSS9cVgPX5I9b3lbdFKyYoAEGAZF1DwhTaljNAw==", + "version": "1.15.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.15.0.tgz", + "integrity": "sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q==", + "license": "MIT", "dependencies": { - "follow-redirects": "^1.15.6", - "form-data": "^4.0.0", - "proxy-from-env": "^1.1.0" + "follow-redirects": "^1.15.11", + "form-data": "^4.0.5", + "proxy-from-env": "^2.1.0" + } + }, + "node_modules/axios/node_modules/proxy-from-env": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-2.1.0.tgz", + "integrity": "sha512-cJ+oHTW1VAEa8cJslgmUZrc+sjRKgAKl3Zyse6+PV38hZe/V6Z14TbCuXcan9F9ghlz4QrFr2c92TNF82UkYHA==", + "license": "MIT", + "engines": { + "node": ">=10" } }, "node_modules/b4a": { @@ -4340,15 +4350,16 @@ "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==" }, "node_modules/follow-redirects": { - "version": "1.15.9", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.9.tgz", - "integrity": "sha512-gew4GsXizNgdoRyqmyfMHyAmXsZDk6mHkSxZFCzW9gwlbtOW44CDtYavM+y+72qD/Vq2l550kMF52DT8fOLJqQ==", + "version": "1.15.11", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.11.tgz", + "integrity": "sha512-deG2P0JfjrTxl50XGCDyfI97ZGVCxIpfKYmfyrQ54n5FO/0gfIES8C/Psl6kWVDolizcaaxZJnTS0QSMxvnsBQ==", "funding": [ { "type": "individual", "url": "https://github.com/sponsors/RubenVerborgh" } ], + "license": "MIT", "engines": { "node": ">=4.0" }, diff --git a/package.json b/package.json index be71aee..f3c705c 100644 --- a/package.json +++ b/package.json @@ -34,7 +34,7 @@ "@mozilla/readability": "^0.4.4", "@qdrant/js-client-rest": "^1.13.0", "@qdrant/qdrant-js": "^1.13.0", - "axios": "^1.6.2", + "axios": "^1.15.0", "better-sqlite3": "^11.9.1", "chalk": "^5.4.1", "cheerio": "^1.0.0-rc.12",