Security issue in axios dependency - need to upgrade to >= 0.21.1

[djbobbydrake]

You need to update the axios dependency to >= 0.21.1

https://github.com/axios/axios/releases/tag/v0.21.1

[djbobbydrake]

Just following up here. It's been a year since this issue was created.

[chrys-unito]

Just following up here. It's been a year since this issue was created.

We have the same issue, any news on this ?

[moisesbites]

up

[malyavi-nochum]

Is this package maintained at all?

[djbobbydrake]

Bump

[aagranovExtend]

Can this be fixed ASAP?

[martin-badin]

Please upgrade to version 0.6.4. Reason

Users should change the default XSRF-TOKEN cookie name in the Axios configuration and manually include the corresponding header only in the specific places where it's necessary.

Remediation

Upgrade axios to version 1.6.4 or higher.

References

• GitHub Commit
• GitHub Issue
• GitHub Issue
• GitHub PR

[djbobbydrake]

If anyone's looking for an alternative IP geolocation API, I've stood one up at https://geoipfetcher.com. Documentation is here - https://docs.geoipfetcher.com/ip-geolocation/geoip/get-ip-geolocation-data. There's documentation on how to implement with nodejs (it's just using fetch to the given endpoint, so you aren't reliant on an unmanaged repo).