Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade axios from 0.19.2 to 0.24.0 #4

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade axios from 0.19.2 to 0.24.0.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 10 versions ahead of your current version.
  • The recommended version was released 3 months ago, on 2021-10-25.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Proof of Concept
Server-Side Request Forgery (SSRF)
SNYK-JS-AXIOS-1038255
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: axios from axios GitHub release notes
Commit messages
Package name: axios
  • 53d6d37 Adding minfied files
  • 6d613b4 Updated changelog
  • 2c9cc76 revert: change type of AxiosResponse to any (#4186)
  • 1025d12 Release v0.23.0
  • 6d1e30f Prepared release notes
  • 20e8b6b chore(docs): rename Angular to AngularJS (#4114)
  • 94a9344 Test types (#4140)
  • fce210a Fixed TransitionalOptions typings (#4147)
  • 547815d Mending merge conflict
  • e462973 fix response headers types (#4136)
  • 7c9a5c5 Fix missing semicolon in typings (#4115)
  • 6c00232 Change never type to unknown (#4142)
  • 28a06e6 Distinguish request and response data types (#4116)
  • ba9c193 Release/v0.22.0 (#4143)
  • 76f09af Release/v0.22.0 (#4107)
  • 7d6bddb Fix node version on CI (#4069)
  • 96956e3 Improve timeout error when timeout is browser default (#3209)
  • e52cd3a Add globalObject: 'this' to webpack config (#3176)
  • 2bc2507 Adding insecureHTTPParser type to AxiosRequestConfig
  • f3ca637 Caseless header comparing in HTTP adapter. (#2880)
  • 4091b07 Release/0.21.4 (#4025)
  • 90205f8 Change headers type to string record (#3021)
  • 92b29d2 Make the default type of response data never (#3002)
  • 4eeb3b1 Improved type-safety for AxiosRequestConfig (#2995)

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant