From 37fdd4daac3d47c1ca17b0d9c9a1e3eb10e42405 Mon Sep 17 00:00:00 2001
From: khadar1020 <khadarvsk@gmail.com>
Date: Sun, 12 Apr 2026 08:37:46 +0530
Subject: [PATCH] fix(deps): upgrade axios to 1.15.0 to fix CVE-2025-62718

---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b573c896..00eefc09 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,14 +10,14 @@
       "license": "MIT",
       "dependencies": {
         "@noble/secp256k1": "1.7.1",
-        "axios": "^1.7.7",
+        "axios": "^1.15.0",
         "bech32": "2.0.0",
         "debug": "4.3.4",
         "dotenv": "16.0.3",
-        "express": "^4.22.1",
+        "express": "4.22.1",
         "helmet": "6.0.1",
         "joi": "17.7.0",
-        "js-yaml": "^4.1.1",
+        "js-yaml": "4.1.1",
         "knex": "2.4.2",
         "pg": "8.9.0",
         "pg-query-stream": "4.3.0",
@@ -39,7 +39,7 @@
         "@types/chai": "^4.3.1",
         "@types/chai-as-promised": "^7.1.5",
         "@types/debug": "4.1.7",
-        "@types/express": "^4.17.21",
+        "@types/express": "4.17.21",
         "@types/js-yaml": "4.0.5",
         "@types/mocha": "^9.1.1",
         "@types/node": "^24.0.0",
diff --git a/package.json b/package.json
index e1679e41..1f3d9884 100644
--- a/package.json
+++ b/package.json
@@ -120,7 +120,7 @@
   },
   "dependencies": {
     "@noble/secp256k1": "1.7.1",
-    "axios": "^1.7.7",
+    "axios": "^1.15.0",
     "bech32": "2.0.0",
     "debug": "4.3.4",
     "dotenv": "16.0.3",