You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed that the day after the 7.1.0 release the Typescript projects Axios upgrade was merged in (to 1.6.1 which has no CVE associated with it): #14517 #14518 a460b7e
I also noticed that there have been a couple of PRs to do the upgrade and a couple of previous requests to release this version in various comments across the issues / PRs - which suggest this might be wanted by multiple people/projects.
Describe the solution you'd like
Release the current master version as 7.2.0 with the already merged axios upgrade in it.
Describe alternatives you've considered
The library we pull in to our project is @ory/client which is an authentication based library.
I assume they are reluctant to use a SNAPSHOT version of the generator for a public facing library
Additional context
Happy to help resolve any issues blocking the 7.2.0 release currently.
The text was updated successfully, but these errors were encountered:
Note if you're stuck on v0 axum waiting for this release, backporting efforts are still under way too.
For instance axios/axios#6091
If you're feeling brave you can target these commits as a v0 alternative.
Though it looks like an actual patch release should be available before long.
Hey,
Wasn't sure the best way to request this so apologies if this is incorrect.
Is your feature request related to a problem? Please describe.
Axios 0.27 has a high CVE associated with it. Version
openapi-generator@7.1.0
uses that version of Axios.I noticed that the day after the
7.1.0
release the Typescript projects Axios upgrade was merged in (to1.6.1
which has no CVE associated with it):#14517
#14518
a460b7e
I also noticed that there have been a couple of PRs to do the upgrade and a couple of previous requests to release this version in various comments across the issues / PRs - which suggest this might be wanted by multiple people/projects.
Describe the solution you'd like
Release the current
master
version as 7.2.0 with the already mergedaxios
upgrade in it.Describe alternatives you've considered
The library we pull in to our project is
@ory/client
which is an authentication based library.I assume they are reluctant to use a
SNAPSHOT
version of the generator for a public facing libraryAdditional context
Happy to help resolve any issues blocking the
7.2.0
release currently.The text was updated successfully, but these errors were encountered: