From 7b2dd5fee8669dc5de3d6af2d54ced92299e6ebf Mon Sep 17 00:00:00 2001
From: babu-ch <mashirohira@gmail.com>
Date: Wed, 11 Mar 2026 16:16:58 +0900
Subject: [PATCH 1/2] chore(client): bump axios to v1.13.5

---
 packages/client/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/client/package.json b/packages/client/package.json
index 351048e3f..4af2b94a8 100644
--- a/packages/client/package.json
+++ b/packages/client/package.json
@@ -28,7 +28,7 @@
   },
   "dependencies": {
     "@sendgrid/helpers": "^8.0.0",
-    "axios": "^1.12.0"
+    "axios": "^1.13.5"
   },
   "devDependencies": {
     "chai": "4.2.0",

From f4d720d6c70824320b8caed6bb23111cfa741797 Mon Sep 17 00:00:00 2001
From: babu-ch <mashirohira@gmail.com>
Date: Wed, 1 Apr 2026 11:57:17 +0900
Subject: [PATCH 2/2] fix(client): pin axios to exact version 1.13.5

Lock axios to exact version to prevent auto-installing potentially
compromised 1.14.x versions (see axios/axios#10604).
---
 packages/client/package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/client/package.json b/packages/client/package.json
index 4af2b94a8..792c3acd5 100644
--- a/packages/client/package.json
+++ b/packages/client/package.json
@@ -28,7 +28,7 @@
   },
   "dependencies": {
     "@sendgrid/helpers": "^8.0.0",
-    "axios": "^1.13.5"
+    "axios": "1.13.5"
   },
   "devDependencies": {
     "chai": "4.2.0",