fix: bump axios to 1.15.0 to address CVE-2025-62718 and issue #103

[clutester]

Description

This PR bumps the axios dependency in the Magma frontend to version 1.15.0 to patch a recently disclosed supply chain vulnerability.

Fixes #103

Motivation and Context

CVE-2025-62718 outlines a supply chain compromise affecting older versions of the axios HTTP client. Updating to 1.15.0 (or above) mitigates this vulnerability and secures the Magma plugin's API communication layer.

Changes Made

• Executed npm install axios@^1.15.0.
• Updated package.json to reflect the new minimum version requirement.
• Regenerated package-lock.json to lock in the secure dependency tree and purge compromised hashes.

How Has This Been Tested?

• Verified successful compilation via npm run build.
• Ran the local development server to confirm $api HTTP requests (login, data fetching) still execute flawlessly with the updated package.

[Copilot]

Pull request overview

Bumps the frontend’s axios dependency to a newer version to address a reported supply-chain vulnerability impacting API communication.

Changes:

• Updated axios version constraint in package.json to ^1.15.0.
• Regenerated package-lock.json to lock axios@1.15.0 and updated transitive dependencies (follow-redirects, form-data, proxy-from-env).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

File	Description
package.json	Raises the minimum axios version requirement to ^1.15.0.
package-lock.json	Updates the lockfile to install axios@1.15.0 and refreshes related dependency metadata.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.