New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency axios to ^0.21.0 #621

Open

mend-for-github-com wants to merge 1 commit into master from whitesource-remediate/axios-0.x

Contributor

mend-for-github-com bot commented Jun 19, 2022 •

edited

Loading

This PR contains the following updates:

Package	Type	Update	Change
axios (source)	dependencies	minor	`^0.20.0` -> `^0.21.0`

By merging this PR, the below issues will be automatically resolved and closed:

Severity	CVSS Score	CVE	GitHub Issue
Medium	6.5	CVE-2022-0155	#574
Medium	5.9	CVE-2020-28168	#505
Medium	5.9	CVE-2022-0536	#587

Release Notes

axios/axios

`v0.21.1`

0.21.1 (December 21, 2020)

Fixes and Functionality:

Hotfix: Prevent SSRF (#3410)
Protocol not parsed when setting proxy config from env vars (#3070)
Updating axios in types to be lower case (#2797)
Adding a type guard for AxiosError (#2949)

Internal and Tests:

Remove the skipping of the socket http test (#3364)
Use different socket for Win32 test (#3375)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

Daniel Lopretto <timemachine3030@users.noreply.github.com>
Jason Kwok [email protected]
Jay [email protected]
Jonathan Foster [email protected]
Remco Haszing [email protected]
Xianming Zhong [email protected]

`v0.21.0`

0.21.0 (October 23, 2020)

Fixes and Functionality:

Fixing requestHeaders.Authorization (#3287)
Fixing node types (#3237)
Fixing axios.delete ignores config.data (#3282)
Revert "Fixing overwrite Blob/File type as Content-Type in browser. (#1773)" (#3289)
Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (#3200)

Internal and Tests:

Lock travis to not use node v15 (#3361)

Documentation:

Fixing simple typo, existant -> existent (#3252)
Fixing typos (#3309)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

Allan Cruz [email protected]
George Cheng [email protected]
Jay [email protected]
Kevin Kirsche [email protected]
Remco Haszing [email protected]
Taemin Shin <cprayer13@gmail.com>
Tim Gates [email protected]
Xianming Zhong [email protected]

If you want to rebase/retry this PR, click this checkbox.

mend-for-github-com bot added the security fix label


          Update dependency axios to ^0.21.0

0709a78

mend-for-github-com bot changed the title ~~Update dependency axios to ^0.24.0~~ Update dependency axios to ^0.21.0

mend-for-github-com bot force-pushed the whitesource-remediate/axios-0.x branch from b0876b3 to 0709a78 Compare

June 21, 2022 08:12

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels