Skip to content

📦️ update vulnerable axios package to ^1.12.0#995

Merged
wing328 merged 2 commits intoOpenAPITools:masterfrom
stefanherdy:package-vulnerability-fix
Sep 13, 2025
Merged

📦️ update vulnerable axios package to ^1.12.0#995
wing328 merged 2 commits intoOpenAPITools:masterfrom
stefanherdy:package-vulnerability-fix

Conversation

@stefanherdy
Copy link
Contributor

This PR updates the Axios dependency 📦️ to fix (GHSA-4hjh-wcwx-xvwj) vulnerability.. The change was verified by running the initial CLI build/tests and confirming that client generation still works as expected.
🔍✅ The following test were performed to test the openapi-generator-cli 🚑️🔒️

Updated the Axios dependency
Ran the local build and CLI tests successfully.
Generated both TypeScript and Python clients from a custom test specification.
npm run cli -- generate -i samples/test.yaml -g typescript-fetch -o tmp-client
npm run cli -- generate -i samples/test.yaml -g python -o tmp-client
Verified that the generated clients were built correctly and run as expected without errors.
Environment

Node.js v22.14.0,
NPM 10.9.2
java version "24.0.2" 2025-07-15
Java(TM) SE Runtime Environment (build 24.0.2+12-54)
Java HotSpot(TM) 64-Bit Server VM (build 24.0.2+12-54, mixed mode, sharing)
TypeScript 5.9.2
Python 3.11

@stefanherdy stefanherdy deleted the package-vulnerability-fix branch September 12, 2025 18:46
@stefanherdy stefanherdy restored the package-vulnerability-fix branch September 12, 2025 18:46
@stefanherdy stefanherdy reopened this Sep 12, 2025
@wing328 wing328 merged commit dcde76b into OpenAPITools:master Sep 13, 2025
3 checks passed
@stefanherdy stefanherdy deleted the package-vulnerability-fix branch September 14, 2025 18:57
@github-actions
Copy link

🎉 This PR is included in version 2.23.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants