-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix axios peer dependency version #1188
Conversation
i agree with this approach. we'll move forward with this and see how it goes. if we absolutely must add it back as a dependency, then we will. |
closes #1180 |
I don't know exactly what you guys did, but the latest version of This is the runtime error that we get when we try to open any endpoing that imports
|
alright, i think we need to add axios as an explicit dependency (i.e. merge #1180). @alfaproject please monitor #1180 . |
This doesn't seem related to axios, it seems related to formidable and webpack. |
Ok my bad, but either way I won’t be able to upgrade node-soap, meh ): |
node_modules/nestjs-soap/node_modules/axios
soap 0.40.0 - 0.44.0 || >=1.0.0
Depends on vulnerable versions of axios
node_modules/nestjs-soap/node_modules/soap
nestjs-soap 2.0.0 - 2.2.1 || >=3.0.1
Depends on vulnerable versions of soap
node_modules/nestjs-soap
|
This fixes the issue mentioned in #1180. It should remain a peer dependency since its types are exposed by this library, but the version restriction should be loosened. Hopefully this can be released soon as the current version of the library cannot be installed if a user has a direct dependency on a newer version of axios.