Skip to content

Update axios #8082

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 12 commits into
base: dev
Choose a base branch
from
Open

Update axios #8082

wants to merge 12 commits into from

Conversation

@sameerag
Copy link
Member

@sameerag sameerag commented Oct 6, 2025
edited
Loading

Update axios version in samples

@sameerag sameerag requested review from a team as code owners October 6, 2025 13:00
@Copilot Copilot AI review requested due to automatic review settings October 6, 2025 13:00
Copilot
Copilot AI reviewed Oct 6, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the axios dependency from version ^1.9.0 to ^1.12.0 across multiple MSAL.js sample applications and test utilities. This is a dependency version update that likely includes bug fixes, security patches, or new features from the axios library.

Key changes:

  • Updated axios version constraint from ^1.9.0 to ^1.12.0 across all affected packages
  • Changes are limited to sample applications and test utilities, not core library packages

Reviewed Changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated no comments.

Show a summary per file
File Description
samples/msal-node-samples/silent-flow/package.json Updated axios dependency version
samples/msal-node-samples/on-behalf-of-distributed-cache/package.json Updated axios dependency version
samples/msal-node-samples/client-credentials-distributed-cache/package.json Updated axios dependency version
samples/msal-node-samples/b2c-user-flows/package.json Updated axios dependency version
samples/msal-node-samples/auth-code-distributed-cache/package.json Updated axios dependency version
samples/msal-node-samples/auth-code-cli-app/package.json Updated axios dependency version
samples/msal-node-samples/ElectronTestApp/package.json Updated axios dependency version
samples/msal-node-samples/ElectronSystemBrowserTestApp/package.json Updated axios dependency version
samples/e2eTestUtils/package.json Updated axios dependency version

sameerag
sameerag commented Oct 6, 2025
View reviewed changes
Copy link
Member Author

@sameerag sameerag left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update axios

peterzenz
peterzenz previously approved these changes Oct 21, 2025
View reviewed changes
@sameerag sameerag enabled auto-merge (squash) October 23, 2025 02:45
konstantin-msft
konstantin-msft reviewed Oct 23, 2025
View reviewed changes
samples/msal-node-samples/silent-flow/package.json
},
"devDependencies": {
"@types/jest": "^29.5.0",
"e2e-test-utils": "file:../../e2eTestUtils",
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A reference to the local package is intentional here.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. The change was not intentional, co-pilot suggestion I believe. Will revert this.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a good catch, how do we prevent reverting this in the future?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May be a lint rule?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add one? There's going to be a CVE asking folks to move to 4.25.1 when we moved the e2e tests and our lint rules to file references. We really shouldn't regress this.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a devDependency on samples, we shouldn't be opening a CVE or pushing folks to upgrade for this. We should still avoid regressing this for our own sake though

hectormmg
hectormmg previously approved these changes Oct 23, 2025
View reviewed changes
@sameerag sameerag dismissed stale reviews from hectormmg and konstantin-msft via 3dc5350 October 24, 2025 17:25
peterzenz
peterzenz requested changes Oct 24, 2025
View reviewed changes
Copy link
Contributor

@peterzenz peterzenz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add that lint rule you suggested?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tnorling tnorling tnorling left review comments

Copilot code review Copilot Copilot left review comments

@peterzenz peterzenz peterzenz requested changes

@hectormmg hectormmg hectormmg approved these changes

@konstantin-msft konstantin-msft konstantin-msft approved these changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@sameerag @hectormmg @tnorling @peterzenz @konstantin-msft