Updates dependencies so that vulnerabilities are no longer present. #77

Merged
merged 6 commits into from
Jan 20, 2024

@OIRNOIR (Contributor) commented Nov 12, 2023

This may need additional testing, as I was unable to test it. However, I looked through the code and saw that all of the uses of axios seem to remain unchanged through the updated versions. If your environment is set up to test, please test this code before merging and suggest any changes that may need to be made!

Fixes #76

@buffcode

@Unitech Would you mind reviewing / merging this? The latest matching axios version (0.21.4) was released Sep 6, 2021.

@OIRNOIR (Contributor, Author) commented Dec 5, 2023

@Unitech I'm sorry to bother you. Are you alive? It would be great if you could review this PR so that this vulnerability can be fixed.

@humanscape-chan commented Dec 11, 2023

Hi. We installed the pm2 package in our koa service lately.
Our service's current version of axios is 1.6.2.
I'm not sure it's related to the axios version, but pm2's option --watch is not working in our product environment.
Except for that, pm2 with axios version 1.6.0 is working well.

@guizzo left a comment

LGTM

@adilatilgan

I do not think this PR will build (browserify). I am struggling with an alarm for this one as well. I think this repo is dead; I will try to figure it out myself.

@OIRNOIR (Contributor, Author) commented Dec 29, 2023

> I do not think this PR will build (browserify). I am struggling with an alarm for this one as well. I think this repo is dead; I will try to figure it out myself.

I fixed it not building, thanks for letting me know. Tests are still broken though.

There's a workaround for anyone who really needs this vulnerability fixed. If you put the following into your project's package.json (depending on your package manager), you should be fine!

NPM:

```json
"overrides": {
	"axios": "^1.6.5"
}
```

PNPM:

```json
"pnpm": {
	"overrides": {
		"axios": "^1.6.5"
	}
}
```

Yarn:

```json
"resolutions": {
	"axios": "^1.6.5"
}
```

@Unitech How do these recent commits look?
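
A check to run after applying one of the overrides above, as an added example that is not part of the original comment or the project's code: it walks the `packages` map of a package-lock.json (lockfileVersion 2 or 3) and flags any axios copy, direct or nested, still inside the 0.8.1 - 1.5.1 range named in the linked issue. The sample lockfile and the `some-dep` and `axios-extras` package names are constructed for illustration.

```javascript
// Added example: audit a package-lock.json (lockfileVersion 2 or 3) for axios
// copies that still fall in the range named in the linked issue: 0.8.1 - 1.5.1.
// For a real project, pass JSON.parse(fs.readFileSync("package-lock.json", "utf8")).
const VULN_MIN = [0, 8, 1];
const VULN_MAX = [1, 5, 1];

// Parse "1.6.5" or "1.6.5-beta.1" into [major, minor, patch]; null if malformed.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1, 4).map(Number) : null;
}

// Compare two [major, minor, patch] triples: -1, 0 or 1.
function cmp(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Return every installed axios copy (top-level or nested) with a verdict.
function auditAxios(lock) {
  const findings = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (!/(^|\/)node_modules\/axios$/.test(path)) continue;
    const ver = parseVersion(meta.version);
    // Unparseable versions are reported as vulnerable so they get looked at.
    const vulnerable = ver === null ||
      (cmp(ver, VULN_MIN) >= 0 && cmp(ver, VULN_MAX) <= 0);
    findings.push({ path, version: meta.version, vulnerable });
  }
  return findings;
}

// Constructed sample: a nested copy that no override has replaced yet.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", version: "1.0.0" },
    "node_modules/axios": { version: "1.6.5" },
    "node_modules/some-dep/node_modules/axios": { version: "0.21.4" },
    "node_modules/axios-extras": { version: "1.0.0" }, // different package, ignored
  },
};

for (const f of auditAxios(sampleLock)) {
  console.log(`${f.vulnerable ? "VULNERABLE" : "ok"}  ${f.path}@${f.version}`);
}
```

A nested entry such as the `some-dep` one is the case the overrides are meant to eliminate; after reinstalling with the override in place, every finding should report a version outside the range.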

@mrhammadasif left a comment

LGTM
How about updating the axios to 1.6.5 ??

@OIRNOIR (Contributor, Author) commented Jan 10, 2024

> LGTM
> How about updating the axios to 1.6.5 ??

Done!

@Unitech Unitech merged commit b7f2f25 into keymetrics:master Jan 20, 2024
Successfully merging this pull request may close these issues.

Moderate security vulnerability for versions of Axios 0.8.1 - 1.5.1 (Dependency)