From 75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8 Mon Sep 17 00:00:00 2001
From: Guy Nesher <nesher.guy@gmail.com>
Date: Wed, 3 Jan 2024 19:32:50 +0000
Subject: [PATCH] fix(security): fixed security vulnerability in
 follow-redirects (#6163)

Co-authored-by: Jay <jasonsaayman@gmail.com>
---
 package-lock.json          | 14 +++++++-------
 package.json               |  4 ++--
 test/unit/adapters/http.js |  2 +-
 3 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 074ca35..3e16204 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -9,7 +9,7 @@
       "version": "1.6.3",
       "license": "MIT",
       "dependencies": {
-        "follow-redirects": "^1.15.0",
+        "follow-redirects": "^1.15.4",
         "form-data": "^4.0.0",
         "proxy-from-env": "^1.1.0"
       },
@@ -10689,9 +10689,9 @@
       }
     },
     "node_modules/follow-redirects": {
-      "version": "1.15.0",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.0.tgz",
-      "integrity": "sha512-aExlJShTV4qOUOL7yF1U5tvLCB0xQuudbf6toyYA0E/acBNw71mvjFTnLaRp50aQaYocMR0a/RMMBIHeZnGyjQ==",
+      "version": "1.15.4",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz",
+      "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw==",
       "funding": [
         {
           "type": "individual",
@@ -32501,9 +32501,9 @@
       }
     },
     "follow-redirects": {
-      "version": "1.15.0",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.0.tgz",
-      "integrity": "sha512-aExlJShTV4qOUOL7yF1U5tvLCB0xQuudbf6toyYA0E/acBNw71mvjFTnLaRp50aQaYocMR0a/RMMBIHeZnGyjQ=="
+      "version": "1.15.4",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.4.tgz",
+      "integrity": "sha512-Cr4D/5wlrb0z9dgERpUL3LrmPKVDsETIJhaCMeDfuFYcqa5bldGV6wBsAN6X/vxlXQtFBMrXdXxdL8CbDTGniw=="
     },
     "for-in": {
       "version": "1.0.2",
diff --git a/package.json b/package.json
index cd9156c..0b15c9a 100644
--- a/package.json
+++ b/package.json
@@ -146,7 +146,7 @@
   "unpkg": "dist/axios.min.js",
   "typings": "./index.d.ts",
   "dependencies": {
-    "follow-redirects": "^1.15.0",
+    "follow-redirects": "^1.15.4",
     "form-data": "^4.0.0",
     "proxy-from-env": "^1.1.0"
   },
@@ -215,4 +215,4 @@
       "@commitlint/config-conventional"
     ]
   }
-}
\ No newline at end of file
+}
diff --git a/test/unit/adapters/http.js b/test/unit/adapters/http.js
index f51500d..a1c6da4 100644
--- a/test/unit/adapters/http.js
+++ b/test/unit/adapters/http.js
@@ -385,7 +385,7 @@ describe('supports http with nodejs', function () {
           }
         }
       }).catch(function (error) {
-        assert.equal(error.message, 'Provided path is not allowed');
+        assert.equal(error.message, 'Redirected request failed: Provided path is not allowed');
         done();
       }).catch(done);
     });