Page MenuHomePhabricator

Replace moxios with more active project
Open, Needs TriagePublic

Description

Our Axios mocking library, moxios, has a dependency on a vulnerable version of axios, our http request library. Looking at the commits and comments in the bug tracker, it looks like there won't be an update to the dependency any time soon. So we need to mock it differently, either with pure Jest or by using a different Axios mocking library, e.g. [[ https://www.npmjs.com/package/axios-mock-adapter | axios-mock-adapter ]]

This is not a critical security issue, as the outdated dependency is a dev dependency. But we should fix it nevertheless to avoid becoming blind to GitHub package warnings.

Event Timeline

Restricted Application added a project: WMDE-FUN-Team. · View Herald TranscriptAug 21 2019, 3:34 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
gabriel-wmde updated the task description. (Show Details)Oct 28 2020, 9:48 AM