Skip to content
This repository was archived by the owner on Aug 27, 2024. It is now read-only.

Bump axios from 0.21.4 to 1.2.6#1885

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/axios-1.2.6
Closed

Bump axios from 0.21.4 to 1.2.6#1885
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/axios-1.2.6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jan 30, 2023

Copy link
Copy Markdown
Contributor

Bumps axios from 0.21.4 to 1.2.6.

Release notes

Sourced from axios's releases.

Release v1.2.6

Release notes:

Bug Fixes

  • headers: added missed Authorization accessor; (#5502) (342c0ba)
  • types: fixed CommonRequestHeadersList & CommonResponseHeadersList types to be private in commonJS; (#5503) (5a3d0a3)

Contributors to this release

Release v1.2.5

Release notes:

Bug Fixes

  • types: fixed AxiosHeaders to handle spread syntax by making all methods non-enumerable; (#5499) (580f1e8)

Contributors to this release

Release v1.2.4

Release notes:

Bug Fixes

  • types: renamed RawAxiosRequestConfig back to AxiosRequestConfig; (#5486) (2a71f49)
  • types: fix AxiosRequestConfig generic; (#5478) (9bce81b)

Contributors to this release

1.2.3

Release notes:

Bug Fixes

  • types: fixed AxiosRequestConfig header interface by refactoring it to RawAxiosRequestConfig; (#5420) (0811963)

Contributors to this release

1.2.2

[1.2.2] - 2022-12-29

Fixed

  • fix(ci): fix release script inputs #5392
  • fix(ci): prerelease scipts #5377

... (truncated)

Changelog

Sourced from axios's changelog.

1.2.6 (2023-01-28)

Bug Fixes

  • headers: added missed Authorization accessor; (#5502) (342c0ba)
  • types: fixed CommonRequestHeadersList & CommonResponseHeadersList types to be private in commonJS; (#5503) (5a3d0a3)

Contributors to this release

1.2.5 (2023-01-26)

Bug Fixes

  • types: fixed AxiosHeaders to handle spread syntax by making all methods non-enumerable; (#5499) (580f1e8)

Contributors to this release

1.2.4 (2023-01-22)

Bug Fixes

  • types: renamed RawAxiosRequestConfig back to AxiosRequestConfig; (#5486) (2a71f49)
  • types: fix AxiosRequestConfig generic; (#5478) (9bce81b)

Contributors to this release

1.2.3 (2023-01-10)

Bug Fixes

  • types: fixed AxiosRequestConfig header interface by refactoring it to RawAxiosRequestConfig; (#5420) (0811963)

Contributors to this release

[1.2.2] - 2022-12-29

... (truncated)

Commits
  • 5bde91c chore(release): v1.2.6 (#5505)
  • 5a3d0a3 fix(types): fixed CommonRequestHeadersList & CommonResponseHeadersList ty...
  • 342c0ba fix(headers): added missed Authorization accessor; (#5502)
  • a105feb chore(deps): bump ua-parser-js from 0.7.31 to 0.7.33 (#5493)
  • 366161e chore(release): v1.2.5 (#5500)
  • 18c1710 docs: fix GitHub workflow badges (#5462)
  • 580f1e8 fix(types): fixed AxiosHeaders to handle spread syntax by making all methods ...
  • 6600d51 [Release] v1.2.4 (#5487)
  • 2a71f49 fix(types): renamed RawAxiosRequestConfig back to AxiosRequestConfig; (#5...
  • 6486929 Fix AxiosRequestHeaders & AxiosHeaders types; (#5482)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump axios from 0.21.4 to 1.2.6
fa098f1 
Bumps [axios](https://github.com/axios/axios) from 0.21.4 to 1.2.6.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.21.4...v1.2.6)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 30, 2023
@dependabot dependabot Bot mentioned this pull request Jan 30, 2023
Closed
@guardrails

guardrails Bot commented Jan 30, 2023

Copy link
Copy Markdown

⚠️ We detected 19 security issues in this pull request:

Vulnerable Libraries (19)
Severity Details
Critical pkg:npm/set-value@2.0.1@2.0.1 (t) - no patch available
Medium pkg:npm/express@4.18.1@4.18.1 (t) - no patch available
Low pkg:npm/node-fetch@2.6.7@2.6.7 (t) - no patch available
High pkg:npm/json5@1.0.1@1.0.1 (t) upgrade to: 2.2.2
Medium pkg:npm/got@11.8.5@11.8.5 (t) - no patch available
N/A pkg:npm/decode-uri-component@0.2.0@0.2.0 (t) - no patch available
N/A pkg:npm/debug@2.6.9@2.6.9 (t) upgrade to: 3.1.0
High pkg:npm/json-stable-stringify@1.0.1@1.0.1 (t) - no patch available
Medium pkg:npm/react@16.14.0@16.14.0 (t) - no patch available
High pkg:npm/json5@2.2.1@2.2.1 (t) upgrade to: 2.2.2
Medium pkg:npm/dompurify@2.4.0@2.4.0 (t) - no patch available
Critical pkg:npm/loader-utils@2.0.2@2.0.2 (t) upgrade to: 2.0.3
High pkg:npm/is_js@0.9.0@0.9.0 (t) - no patch available
Critical pkg:npm/unset-value@1.0.0@1.0.0 (t) - no patch available
Critical pkg:npm/execa@1.0.0@1.0.0 (t) - no patch available
Medium pkg:npm/quill@1.3.7@1.3.7 (t) - no patch available
Critical pkg:npm/nodemon@2.0.20@2.0.20 (t) - no patch available
High pkg:npm/fb-watchman@2.0.1@2.0.1 (t) - no patch available
Critical pkg:npm/jsonwebtoken@8.5.1@8.5.1 (t) - no patch available

More info on how to fix Vulnerable Libraries in JavaScript.

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

@dependabot @github

dependabot Bot commented on behalf of github Feb 6, 2023

Copy link
Copy Markdown
Contributor Author

Superseded by #1906.

@dependabot dependabot Bot closed this Feb 6, 2023
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/axios-1.2.6 branch February 6, 2023 21:01
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants