Updating axios to 1.8.3

Author: gockle

.gitignore

@@ -1,4 +1,5 @@
 node_modules/
+cdk.out
 coverage
 build/
 dev/
@@ -7,9 +8,9 @@ regional-s3-assets/
 open-source/
 console_new/
 **/aws_config.js
-deployment/ecr/*.jar
-test/
+deployment/ecr/**/*.jar
 .idea
+source/test/
 
 .pnp
 .pnp.js
@@ -24,3 +25,14 @@ yarn-debug.log*
 yarn-error.log*
 yarm-lock.json
 
+# cypress
+screenshots
+videos
+
+# solution metrics utils.
+source/metrics-utils/*.js
+!source/metrics-utils/jest.config.js
+source/metrics-utils/*.d.ts
+source/metrics-utils/**/*.d.ts
+source/metrics-utils/**/*.js
+source/metrics-utils/dist/

CHANGELOG.md

@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+
+## [3.3.5] - 2025-03-17
+
+### Security
+
+- Library updates to address [Possible SSRF and Credential Leakage via Absolute URL in axios Requests](https://avd.aquasec.com/nvd/cve-2025-27152)
+
 ## [3.3.4] - 2025-02-06
 
 ### Security

VERSION.txt

@@ -1 +1 @@
-3.3.4
+3.3.5

deployment/ecr/distributed-load-testing-on-aws-load-tester/Dockerfile

@@ -54,7 +54,7 @@ RUN rm -rf /usr/local/lib/python3.10/dist-packages/aiohttp*
 RUN  pip install --upgrade aiohttp
 
 # Replacing idna and Flask_Cors with more stable version to resolve CVE-2024-3651 and  CVE-2024-6221
-RUN pip install --upgrade idna Flask_Cors
+RUN pip install --upgrade idna Flask_Cors==5.0.0
 RUN rm -rf /root/.bzt/python-packages/3.10.12/idna* /root/.bzt/python-packages/3.10.12/Flask_Cors*
 RUN cp -r /usr/local/lib/python3.10/dist-packages/idna* /usr/local/lib/python3.10/dist-packages/Flask_Cors* /root/.bzt/python-packages/3.10.12/