[Snyk] Security upgrade axios from 0.18.1 to 0.21.1
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this Merge Request
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity |
---|---|---|---|---|
718/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 6.5 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610 |
No | Proof of Concept |
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: axios
The new version differs by 235 commits.- a64050a Releasing 0.21.1
- d57cd97 Updating changelog for 0.21.1 release
- 8b0f373 Use different socket for Win32 test (#3375)
- e426910 Protocol not parsed when setting proxy config from env vars (#3070)
- c7329fe Hotfix: Prevent SSRF (#3410)
- f472e5d Adding a type guard for `AxiosError` (#2949)
- 7688255 Remove the skipping of the `socket` http test (#3364)
- 820fe6e Updating axios in types to be lower case (#2797)
- 94ca24b Releasing 0.21.0
- 2130a0c Updating changelog for 0.21.0 release
- fbdc150 Lock travis to not use node v15 (#3361)
- 3a8b87d Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (#3200)
- 9a78465 Revert "Fixing overwrite Blob/File type as Content-Type in browser. (#1773)" (#3289)
- 6d05b96 Fix typos (#3309)
- fa36737 fix axios.delete ignores config.data (#3282)
- b7e954e Fixing node types (#3237)
- 04d45f2 Fixing requestHeaders.Authorization (#3287)
- e8c6e19 docs: Fix simple typo, existant -> existent (#3252)
- 0d87655 Releasing 0.20.0
- cd27741 Updating changelog for 0.20.0 release
- ffea034 Releasing 0.20.0-0
- fe147fb Updating changlog for 0.20.0 beta release
- 16aa2ce Fixing response with utf-8 BOM can not parse to json (#2419)
- c4300a8 Adding support for URLSearchParams in node (#1900)
Check the changes in this Merge Request to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
Learn how to fix vulnerabilities with free interactive lessons: