Update dependency axios to v1.7.4 (main) #55

AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
import: use named export for EventEmitter; (7320430)
vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)

Contributors to this release

`v1.6.7`

Compare Source

Bug Fixes

capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

`v1.6.6`

Compare Source

Bug Fixes

fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

`v1.6.5`

Compare Source

Bug Fixes

ci: refactor notify action as a job of publish action; (#6176) (0736f95)
dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

`v1.6.4`

Compare Source

Bug Fixes

security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

`v1.6.3`

Compare Source

Bug Fixes

Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

`v1.6.2`

Compare Source

Features

withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )


📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

`v1.6.1`

Compare Source

Bug Fixes

formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

PRs

feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )


📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

`v1.6.0`

Compare Source

Bug Fixes

CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

1.5.1 (2023-09-26)

Bug Fixes

adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
types: removed duplicated code (9e62056)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

`v1.5.1`

Compare Source

Bug Fixes

adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
types: removed duplicated code (9e62056)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

`v1.5.0`

Compare Source

Bug Fixes

adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837) (9a414bb)
dns: fixed cacheable-lookup integration; (#5836) (b3e327d)
headers: added support for setting header names that overlap with class methods; (#5831) (d8b4ca0)
headers: fixed common Content-Type header merging; (#5832) (8fda276)

Features

export getAdapter function (#5324) (ca73eb8)
export: export adapters without unsafe prefix (#5839) (1601f4a)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

`v1.4.0`

Compare Source

Bug Fixes

formdata: add multipart/form-data content type for FormData payload on custom client environments; (#5678) (bbb61e7)
package: export package internals with unsafe path prefix; (#5677) (df38c94)

Features

dns: added support for a custom lookup function; (#5339) (2701911)
types: export AxiosHeaderValue type. (#5525) (726f1c8)

Performance Improvements

merge-config: optimize mergeConfig performance by avoiding duplicate key visits; (#5679) (e6f7053)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.6 (2023-04-19)

Bug Fixes

types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
utils: make isFormData detection logic stricter to avoid unnecessary calling of the toString method on the target; (#5661) (aa372f7)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.5 (2023-04-05)

Bug Fixes

headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
params: re-added the ability to set the function as paramsSerializer config; (#5633) (a56c866)

Contributors to this release

Dmitriy Mozgovoy

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.4 (2023-02-22)

Bug Fixes

blob: added a check to make sure the Blob class is available in the browser's global scope; (#5548) (3772c8f)
http: fixed regression bug when handling synchronous errors inside the adapter; (#5564) (a3b246c)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.3 (2023-02-13)

Bug Fixes

formdata: added a check to make sure the FormData class is available in the browser's global scope; (#5545) (a6dfa72)
formdata: fixed setting NaN as Content-Length for form payload in some cases; (#5535) (c19f7bf)
headers: fixed the filtering logic of the clear method; (#5542) (ea87ebf)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.2 (2023-02-03)

Bug Fixes

http: treat http://localhost as base URL for relative paths to avoid ERR_INVALID_URL error; (#5528) (128d56f)
http: use explicit import instead of TextEncoder global; (#5530) (6b3c305)

Contributors to this release

Dmitriy Mozgovoy

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.1 (2023-02-01)

Bug Fixes

formdata: add hotfix to use the asynchronous API to compute the content-length header value; (#5521) (96d336f)
serializer: fixed serialization of array-like objects; (#5518) (08104c0)

Contributors to this release

Dmitriy Mozgovoy

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

`v1.3.6`

Compare Source

Bug Fixes

types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
utils: make isFormData detection logic stricter to avoid unnecessary calling of the toString method on the target; (#5661) (aa372f7)

Contributors to this release

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

`v1.3.5`

Compare Source

Bug Fixes

headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
params: re-added the ability to set the function as paramsSerializer config; (#5633) (a56c866)

Contributors to this release

Dmitriy Mozgovoy

PRs

CVE 2023 45857 ( #6028 )


⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

If you want to rebase/retry this PR, check this box

mend-for-github-com · 2024-04-30T04:26:24Z

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

mend-for-github-com · 2024-09-03T22:07:57Z

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json

mend-for-github-com bot added the security fix Security fix generated by Mend label Apr 30, 2024

Update dependency axios to v1.7.4

c583053

mend-for-github-com bot force-pushed the whitesource-remediate/main-axios-1.x branch from 534a405 to c583053 Compare September 3, 2024 22:07

mend-for-github-com bot changed the title ~~Update dependency axios to v1.6.0 (main)~~ Update dependency axios to v1.7.4 (main) Sep 3, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency axios to v1.7.4 (main) #55

Update dependency axios to v1.7.4 (main) #55

mend-for-github-com bot commented Apr 30, 2024 •

edited

Loading

mend-for-github-com bot commented Apr 30, 2024

mend-for-github-com bot commented Sep 3, 2024

Update dependency axios to v1.7.4 (main) #55

Are you sure you want to change the base?

Update dependency axios to v1.7.4 (main) #55

Conversation

mend-for-github-com bot commented Apr 30, 2024 • edited Loading

Release Notes

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Features

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Bug Fixes

Contributors to this release

Features

PRs

Contributors to this release

Bug Fixes

Contributors to this release

PRs

Bug Fixes

PRs

Contributors to this release

1.5.1 (2023-09-26)

Bug Fixes

Contributors to this release

PRs

Bug Fixes

Contributors to this release

PRs

Bug Fixes

Features

Contributors to this release

PRs

Bug Fixes

Features

Performance Improvements

Contributors to this release

PRs

1.3.6 (2023-04-19)

Bug Fixes

Contributors to this release

PRs

1.3.5 (2023-04-05)

Bug Fixes

Contributors to this release

PRs

1.3.4 (2023-02-22)

Bug Fixes

Contributors to this release

PRs

1.3.3 (2023-02-13)

Bug Fixes

Contributors to this release

PRs

1.3.2 (2023-02-03)

Bug Fixes

Contributors to this release

PRs

1.3.1 (2023-02-01)

Bug Fixes

Contributors to this release

PRs

Bug Fixes

Contributors to this release

mend-for-github-com bot commented Apr 30, 2024 •

edited

Loading