arpitjain099 opened a new pull request, #63185:
URL: https://github.com/apache/doris/pull/63185
### What problem does this PR solve?
Issue Number: N/A
Related PR: N/A
Problem Summary:
The legacy UI package depends on `axios` `^0.19.2`, which is affected by
known security advisories. This updates the dependency to a patched release
line (`^1.16.0`) to reduce exposure from vulnerable transitive HTTP client
behavior.
### Release note
None
### Check List (For Author)
- Test
- [ ] Regression test
- [ ] Unit Test
- [x] Manual test (add detailed scripts or steps below)
- Ran `npm install --ignore-scripts --no-package-lock` in `ui/` to
verify dependency resolution after the version bump.
- [ ] No need to test or manual test. Explain why:
- [ ] This is a refactor/code format and no logic has been changed.
- [ ] Previous test can cover this change.
- [ ] No code files have been changed.
- [ ] Other reason
- Behavior changed:
- [x] No.
- [ ] Yes.
- Does this need documentation?
- [x] No.
- [ ] Yes.
### Check List (For Reviewer who merge this PR)
- [ ] Confirm the release note
- [ ] Confirm test cases
- [ ] Confirm document
- [ ] Add branch pick label
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
