Frontend: Bump axios from 1.15.2 to 1.16.0 in package.json

The supply-chain compromise that drove the original 1.14.0 quarantine
(malicious 1.14.1/0.30.4 from a hijacked maintainer account) was fully
remediated upstream weeks ago, so 1.16.0 is safe. Keeps the exact-pin
style recommended for high-risk packages.
This commit is contained in:
Michael Mayer 2026-05-05 09:29:31 +00:00
parent c3fb3d53ca
commit 044af03a6d
2 changed files with 6 additions and 6 deletions

View file

@ -55,7 +55,7 @@
"@vue/language-server": "^3.2.8",
"@vue/test-utils": "^2.4.10",
"@vvo/tzdb": "^6.198.0",
"axios": "1.15.2",
"axios": "1.16.0",
"axios-mock-adapter": "^2.1.0",
"babel-loader": "^10.1.1",
"babel-plugin-istanbul": "^7.0.1",

10
package-lock.json generated
View file

@ -33,7 +33,7 @@
"@vue/language-server": "^3.2.8",
"@vue/test-utils": "^2.4.10",
"@vvo/tzdb": "^6.198.0",
"axios": "1.15.2",
"axios": "1.16.0",
"axios-mock-adapter": "^2.1.0",
"babel-loader": "^10.1.1",
"babel-plugin-istanbul": "^7.0.1",
@ -8306,12 +8306,12 @@
}
},
"node_modules/axios": {
"version": "1.15.2",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.15.2.tgz",
"integrity": "sha512-wLrXxPtcrPTsNlJmKjkPnNPK2Ihe0hn0wGSaTEiHRPxwjvJwT3hKmXF4dpqxmPO9SoNb2FsYXj/xEo0gHN+D5A==",
"version": "1.16.0",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.16.0.tgz",
"integrity": "sha512-6hp5CwvTPlN2A31g5dxnwAX0orzM7pmCRDLnZSX772mv8WDqICwFjowHuPs04Mc8deIld1+ejhtaMn5vp6b+1w==",
"license": "MIT",
"dependencies": {
"follow-redirects": "^1.15.11",
"follow-redirects": "^1.16.0",
"form-data": "^4.0.5",
"proxy-from-env": "^2.1.0"
}