Skip to content

[Snyk] Security upgrade axios from 0.21.1 to 0.21.3#16

Open
snyk-bot wants to merge 1 commit into
masterfrom
snyk-fix-423af4ac2ed0d4da6fd4e0a7c66b8595
Open

[Snyk] Security upgrade axios from 0.21.1 to 0.21.3#16
snyk-bot wants to merge 1 commit into
masterfrom
snyk-fix-423af4ac2ed0d4da6fd4e0a7c66b8595

Conversation

@snyk-bot
Copy link
Copy Markdown

@snyk-bot snyk-bot commented May 30, 2023

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

  • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
    • package.json
    • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Breaking Change Exploit Maturity
high severity Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269		 No Proof of Concept
Commit messages
Package name: axios The new version differs by 41 commits.
  • e367be5 [Releasing] 0.21.3
  • 83ae383 Correctly add response interceptors to interceptor chain (#4013)
  • c0c8761 [Updating] changelog to include links to issues and contributors
  • 619bb46 [Releasing] v0.21.2
  • 82c9455 Create SECURITY.md (#3981)
  • 5b45711 Security fix for ReDoS (#3980)
  • 5bc9ea2 Update ECOSYSTEM.md (#3817)
  • e72813a Fixing README.md (#3818)
  • e10a027 Fix README typo under Request Config (#3825)
  • e091491 Update README.md (#3936)
  • b42fbad Removed un-needed bracket
  • 520c8dc Updating CI status badge (#3953)
  • 4fbeecb Adding CI on Github Actions. (#3938)
  • e9965bf Fixing the sauce labs tests (#3813)
  • dbc634c Remove charset in tests (#3807)
  • 3958e9f Add explanation of cancel token (#3803)
  • 69949a6 Adding custom return type support to interceptor (#3783)
  • 49509f6 Create FUNDING.yml (#3796)
  • 199c8aa Adding parseInt to config.timeout (#3781)
  • 94fc4ea Adding isAxiosError typeguard documentation (#3767)
  • 0ece97c Fixing quadratic runtime when setting a maxContentLength (#3738)
  • a18a0ec Updating `lib/core/README.md` about Dispatching requests (#3772)
  • 59fa614 [Updated] follow-redirects to the latest version (#3771)
  • 7821ed2 Feat/json improvements (#3763)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)

@vercel
Copy link
Copy Markdown

vercel Bot commented May 30, 2023
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
metrobooks ✅ Ready (Inspect) Visit Preview 💬 Add feedback May 30, 2023 8:34am

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snyk-bot