Need to upgrade Axios dependency v1.7.9 in durable-functions

[Shivanand-JLL]

Describe the bug
“durable-functions“ 3.1.0 : npm: durable-functions
This version forcibly restores "axios": "1.7.2" in NodeJs Azure function.
Expected to be restoring latest version of "axios": "1.7.9"due the “^” used in the versioning.
"^" is not playing the role of installing the latest Axios version in Azure function, but works locally.

Required: Axios versions below "1.7.2" has security vulnerability which is fixed in axios v1.7.4 +
Link: GHSA-8hc4-vh64-cxmj

Query: Why Axios is downgraded to to v 1.6,1 in “durable-functions“ v3.1.0 ?

Investigative information

• Durable Functions extension version: v3.1.0
• durable-functions npm module version:
• Language (JavaScript/TypeScript) and version: Typescript
• Node.js version: v22.13.1

If deployed to Azure App Service

Steps to reproduce the behavior:

1. Create a sample Node js project
2. Install durable-functions“ 3.1.0
3. Check "SampleNodeJsProject\node_modules\durable-functions\package.json"
4. Observe "axios": "^1.6.1" in "dependencies" section

• Development environment : Vs Code

Regards,

Shivanand B. Yarnal