Update vulnerable axios dependency

[jpreynat]

The version of axios in use (0.26.1) has a moderate-severity vulnerability CVE-2023-45857
.

This is fixed in version 1.6.0 and above.

[bwoskow-ld]

Hi @jpreynat , thanks for reaching out about this issue. This library along with our other api-client-* repositories are produced by a code generator based on our OpenAPI specification. As a result we don't have full or easy control over which dependency versions are in use. That said, we certainly understand why you're requesting that we bump to a newer axios version. I'm adding this to our backlog for us to look into.

Filed internally as 226927.

[jpreynat]

Sounds good @bwoskow-ld, thanks for taking it into account 👍

[jpreynat]

Hi @bwoskow-ld, any news on this one?

[bwoskow-ld]

Not yet.

[cylewaitforit]

It looks like in v7.2.0 Open API Generator addressed this. https://github.com/OpenAPITools/openapi-generator/releases/tag/v7.2.0

[ldhenry]

Hey @jpreynat and @cylewaitforit, we updated the axios dependency in https://github.com/launchdarkly/api-client-typescript/releases/tag/16.1.1. Let us know if you run into an issues.

[jpreynat]

Thanks @ldhenry, I've finally updated the dependency on our end, and everything seems ok 👍