feat: revise axios version reasons in package.json (#287)

iola1999 · web-flow · commit 00668b1356b9 · 2026-03-31T02:44:43.000Z
Updated axios version reasons for security awareness.

&lt;!-- This is an auto-generated comment: release notes by coderabbit.ai
--&gt;

## Summary by CodeRabbit

* **Chores**
* Updated security advisory reference for axios dependency to current
security resource.
  * Added configuration entry for axios version management.

&lt;!-- end of auto-generated comment: release notes by coderabbit.ai --&gt;

Signed-off-by: iola1999 &lt;iola1999@foxmail.com&gt;
diff --git a/package.json b/package.json
@@ -1638,7 +1638,11 @@
       "axios": {
         "1.14.1": {
           "version": "1.14.0",
-          "reason": "https://github.com/axios/axios/issues/10596"
+          "reason": "https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan"
+        },
+        "0.30.4": {
+          "version": "0.30.3",
+          "reason": "https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan"
         }
       },
       "ts-gaussian": {
