From e621b3cbdd6e090830044598465122c3438186f8 Mon Sep 17 00:00:00 2001
From: Zach Leventer
Date: Fri, 24 Apr 2026 10:28:02 -0400
Subject: [PATCH] chore(deps): bump axios from ^0.21.1 to ^1.9.0

Addresses CVE-2023-45857 (SSRF via forged server-side requests when axios follows redirects with credentials) and CVE-2024-39338 (SSRF bypass via cross-origin redirect). The 0.x line is unsupported; 1.x is the current stable series.
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 2c548af3..debb8087 100644
--- a/package.json
+++ b/package.json
@@ -77,7 +77,7 @@
 "@types/uuid": "^8.3.0",
 "@typescript-eslint/eslint-plugin": "^4.0.0",
 "@typescript-eslint/parser": "^4.0.0",
- "axios": "^0.21.1",
+ "axios": "^1.9.0",
 "babel-eslint": "^10.0.0",
 "babel-jest": "^26.6.3",
 "babel-preset-gatsby": "^1.4.0",