Andreas/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2025-12-16 16:30:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 6

📦 chore: Patch axios to address CVE-2025-27152 (#6222)

Browse source 
* 📦 chore: remove `langchain` (no longer used)

* chore: patch `axios` to address CVE-2025-27152
This commit is contained in:
Danny Avila 2025-03-07 12:45:31 -05:00 committed by GitHub
parent f04ae65a75
commit dc8d5dee6a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 750 additions and 3297 deletions
Download patch file Download diff file Expand all files Collapse all files

7
api/package.json
View file

@ -40,14 +40,15 @@
"@googleapis/youtube": "^20.0.0",
"@keyv/mongo": "^2.1.8",
"@keyv/redis": "^2.8.1",
"@langchain/community": "^0.3.14",
"@langchain/community": "^0.3.34",
"@langchain/core": "^0.3.40",
"@langchain/google-genai": "^0.1.9",
"@langchain/google-vertexai": "^0.2.0",
"@langchain/textsplitters": "^0.1.0",
"@librechat/agents": "^2.2.0",
"@librechat/data-schemas": "*",
"@waylaidwanderer/fetch-event-source": "^3.0.1",
"axios": "1.7.8",
"axios": "^1.8.2",
"bcryptjs": "^2.4.3",
"cohere-ai": "^7.9.1",
"compression": "^1.7.4",
@ -74,9 +75,7 @@
"keyv": "^4.5.4",
"keyv-file": "^0.2.0",
"klona": "^2.0.6",
"langchain": "^0.2.19",
"librechat-data-provider": "*",
"@librechat/data-schemas": "*",
"librechat-mcp": "*",
"lodash": "^4.17.21",
"meilisearch": "^0.38.0",

4037
package-lock.json generated
View file

File diff suppressed because it is too large Load diff

1
package.json
View file

@ -114,6 +114,7 @@
"elliptic": "^6.6.1"
},
"overrides": {
"axios": "1.8.2",
"elliptic": "^6.6.1",
"mdast-util-gfm-autolink-literal": "2.0.0",
"remark-gfm": {

2
packages/data-provider/package.json
View file

@ -39,7 +39,7 @@
},
"homepage": "https://librechat.ai",
"dependencies": {
"axios": "^1.7.7",
"axios": "^1.8.2",
"js-yaml": "^4.1.0",
"zod": "^3.22.4"
},