Skip to content

Commit ddb284b

Browse files
makowskidclaude
andcommitted
Bump to 1.3.2: upgrade axios to 1.16.1 (security fixes)
Upgrade axios 1.14.0 -> 1.16.1 to remediate the Snyk-reported vulnerabilities (Prototype Pollution, HTTP Response Splitting, Uncontrolled Recursion, SSRF, CRLF injection, et al.). All flagged issues are fixed by axios >= 1.15.2; 1.16.1 includes them plus later patches. Also realigns the lockfile version (was drifting at 1.3.0). Tests: 42/42 passing. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
1 parent dc50d38 commit ddb284b

2 files changed

Lines changed: 38 additions & 14 deletions

File tree

package-lock.json

Lines changed: 36 additions & 12 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@sharpapi/sharpapi-node-core",
3-
"version": "1.3.1",
3+
"version": "1.3.2",
44
"description": "SharpAPI.com Node.js SDK Core - Shared functionality for SharpAPI clients",
55
"main": "src/index.js",
66
"scripts": {
@@ -22,7 +22,7 @@
2222
"author": "Dawid Makowski <contact@sharpapi.com>",
2323
"license": "MIT",
2424
"dependencies": {
25-
"axios": "^1.13.5",
25+
"axios": "^1.16.1",
2626
"form-data": "^4.0.4"
2727
},
2828
"devDependencies": {

0 commit comments

Comments
 (0)