Skip to content
This repository has been archived by the owner on May 17, 2024. It is now read-only.

chore(deps-dev): bump axios from 1.4.0 to 1.6.2 #3578

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2023

Bumps axios from 1.4.0 to 1.6.2.

Release notes

Sourced from axios's releases.

Release v1.6.2

Release notes:

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

Release v1.6.1

Release notes:

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

Release v1.6.0

Release notes:

Bug Fixes

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

1.6.1 (2023-11-08)

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

1.6.0 (2023-10-26)

Bug Fixes

... (truncated)

Commits
  • b3be365 chore(release): v1.6.2 (#6082)
  • 8739acb chore(ci): removed redundant release action; (#6081)
  • bfa9c30 chore(docs): fix outdated grunt to npm scripts (#6073)
  • a2b0fb3 chore(docs): update README.md (#6048)
  • b12a608 chore(ci): removed paths-ignore filter; (#6080)
  • 0c9d886 chore(ci): reworked ignoring files logic; (#6079)
  • 30873ee chore(ci): add paths-ignore config to testing action; (#6078)
  • cff9967 feat(withXSRFToken): added withXSRFToken option as a workaround to achieve th...
  • 7009715 chore(ci): fixed release notification action; (#6064)
  • 7144f10 chore(ci): fixed release notification action; (#6063)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies pr Pull requests that update a dependency file. label Nov 20, 2023
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/axios-1.6.2 branch 2 times, most recently from 9aeb310 to 224506a Compare November 23, 2023 09:40
Bumps [axios](https://github.com/axios/axios) from 1.4.0 to 1.6.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.4.0...v1.6.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/axios-1.6.2 branch from 224506a to e4d35f2 Compare November 23, 2023 09:49
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 23, 2023

Looks like axios is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Nov 23, 2023
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/axios-1.6.2 branch November 23, 2023 10:21
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies pr Pull requests that update a dependency file.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants