From bc3d935739bc3bfe4a652f16255408d9ab322312 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 27 Oct 2023 22:58:11 +0000
Subject: [PATCH] fix: tasks/import-listings/package.json &
 tasks/import-listings/yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6032459
---
 tasks/import-listings/package.json |  2 +-
 tasks/import-listings/yarn.lock    | 11 ++++-------
 2 files changed, 5 insertions(+), 8 deletions(-)

diff --git a/tasks/import-listings/package.json b/tasks/import-listings/package.json
index 840def4326..ec77b2403d 100644
--- a/tasks/import-listings/package.json
+++ b/tasks/import-listings/package.json
@@ -16,7 +16,7 @@
   "author": "Chris Casto <chriscasto@google.com>",
   "license": "ISC",
   "dependencies": {
-    "axios": "1.3.5",
+    "axios": "1.6.0",
     "knex": "2.5.0",
     "pg": "8.10.0",
     "typescript": "5.0.4"
diff --git a/tasks/import-listings/yarn.lock b/tasks/import-listings/yarn.lock
index 328b5a7b1b..a819c0a2c3 100644
--- a/tasks/import-listings/yarn.lock
+++ b/tasks/import-listings/yarn.lock
@@ -350,9 +350,6 @@
   version "7.18.6"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.18.6.tgz#fdd940a99a740e577d6c753ab6fbb43fdb9467e1"
   integrity sha512-wQxQzxYeJqHcfppzBDnm1yAY0jSRkUXR2z8RePZYrKwMKgMlE8+Z6LUno+bd6LvbGh8Gltvy74+9pIYkr+XkKA==
-  dependencies:
-    "@babel/helper-plugin-utils" "^7.18.6"
-    "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.3"
 
 "@babel/plugin-proposal-numeric-separator@^7.18.6":
   version "7.18.6"
@@ -1618,10 +1615,10 @@ available-typed-arrays@^1.0.5:
   resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7"
   integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw==
 
-axios@1.3.5:
-  version "1.3.5"
-  resolved "https://registry.yarnpkg.com/axios/-/axios-1.3.5.tgz#e07209b39a0d11848e3e341fa087acd71dadc542"
-  integrity sha512-glL/PvG/E+xCWwV8S6nCHcrfg1exGx7vxyUIivIA1iL7BIh6bePylCfVHwp6k13ao7SATxB6imau2kqY+I67kw==
+axios@1.6.0:
+  version "1.6.0"
+  resolved "https://registry.yarnpkg.com/axios/-/axios-1.6.0.tgz#f1e5292f26b2fd5c2e66876adc5b06cdbd7d2102"
+  integrity sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==
   dependencies:
     follow-redirects "^1.15.0"
     form-data "^4.0.0"