Address potential security vulnerability w/ axios

portante · web-flow · commit 10ad9720b1d8 · 2021-05-05T09:48:55.000-04:00
See GHSA-4w2v-q235-vp99 ... Vulnerable versions: `< 0.21.1` Patched version: `0.21.1` Axios NPM package `0.21.0` contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.
diff --git a/cdm-tests/package.json b/cdm-tests/package.json
@@ -4,7 +4,7 @@
   "private": true,
   "license": "EPL-1.0",
   "dependencies": {
-    "axios": "^0.18.0",
+    "axios": ">=0.21.1",
     "d3": "3.5.17",
     "jschart": "file:../jschart",
     "react": "^16.5.1",
