Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade axios from 0.16.2 to 0.19.0 #7

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade axios from 0.16.2 to 0.19.0.

  • The recommended version is 5 versions ahead of your current version.
  • The recommended version was released 5 months ago, on 2019-05-30.

The recommended version fixes:

Severity Title Issue ID
Denial of Service (DoS) SNYK-JS-AXIOS-174505
Release notes
  • Package name: axios
    • 0.19.0 - 2019-05-30

      Fixes and Functionality:

      • Unzip response body only for statuses != 204 (#1129) - drawski
      • Destroy stream on exceeding maxContentLength (fixes #1098) (#1485) - Gadzhi Gadzhiev
      • Makes Axios error generic to use AxiosResponse (#1738) - Suman Lama
      • Fixing Mocha tests by locking follow-redirects version to 1.5.10 (#1993) - grumblerchester
      • Allow uppercase methods in typings. (#1781) - Ken Powers
      • Fixing .eslintrc without extension (#1789) - Manoel
      • Consistent coding style (#1787) - Ali Servet Donmez
      • Fixing building url with hash mark (#1771) - Anatoly Ryabov
      • This commit fix building url with hash map (fragment identifier) when parameters are present: they must not be added after #, because client cut everything after #
      • Preserve HTTP method when following redirect (#1758) - Rikki Gibson
      • Add getUri signature to TypeScript definition. (#1736) - Alexander Trauzzi
      • Adding isAxiosError flag to errors thrown by axios (#1419) - Ayush Gupta
      • Fix failing SauceLabs tests by updating configuration - Emily Morehouse

      Documentation:

      • Add information about auth parameter to README (#2166) - xlaguna
      • Add DELETE to list of methods that allow data as a config option (#2169) - Daniela Borges Matos de Carvalho
      • Update ECOSYSTEM.md - Add Axios Endpoints (#2176) - Renan
      • Add r2curl in ECOSYSTEM (#2141) - 유용우 / CX
      • Update README.md - Add instructions for installing with yarn (#2036) - Victor Hermes
      • Fixing spacing for README.md (#2066) - Josh McCarty
      • Update README.md. - Change .then to .finally in example code (#2090) - Omar Cai
      • Clarify what values responseType can have in Node (#2121) - Tyler Breisacher
      • docs(ECOSYSTEM): add axios-api-versioning (#2020) - Weffe
      • It seems that responseType: 'blob' doesn't actually work in Node (when I tried using it, response.data was a string, not a Blob, since Node doesn't have Blobs), so this clarifies that this option should only be used in the browser
      • Add issue templates - Emily Morehouse
      • Update README.md. - Add Querystring library note (#1896) - Dmitriy Eroshenko
      • Add react-hooks-axios to Libraries section of ECOSYSTEM.md (#1925) - Cody Chan
      • Clarify in README that default timeout is 0 (no timeout) (#1750) - Ben Standefer
    • 0.19.0-beta.1 - 2018-08-09

      NOTE: This is a beta version of this release. There may be functionality that is broken in
      certain browsers, though we suspect that builds are hanging and not erroring. See
      https://saucelabs.com/u/axios for the most up-to-date information.

      New Functionality:

      • Add getUri method (#1712)
      • Add support for no_proxy env variable (#1693)
      • Add toJSON to decorated Axios errors to faciliate serialization (#1625)
      • Add second then on axios call (#1623)
      • Typings: allow custom return types
      • Add option to specify character set in responses (with http adapter)

      Fixes:

      • Fix Keep defaults local to instance (#385)
      • Correctly catch exception in http test (#1475)
      • Fix accept header normalization (#1698)
      • Fix http adapter to allow HTTPS connections via HTTP (#959)
      • Fix Removes usage of deprecated Buffer constructor. (#1555, #1622)
      • Fix defaults to use httpAdapter if available (#1285)
        • Fixing defaults to use httpAdapter if available
        • Use a safer, cross-platform method to detect the Node environment
      • Fix Reject promise if request is cancelled by the browser (#537)
      • [Typescript] Fix missing type parameters on delete/head methods
      • [NS]: Send false flag isStandardBrowserEnv for Nativescript
      • Fix missing type parameters on delete/head
      • Fix Default method for an instance always overwritten by get
      • Fix type error when socketPath option in AxiosRequestConfig
      • Capture errors on request data streams
      • Decorate resolve and reject to clear timeout in all cases
    • 0.18.1 - 2019-06-01
        </li>
        <li>
          <b>0.18.0</b> - <a href="https://github.com/axios/axios/releases/tag/v0.18.0">2018-02-19</a>
          <ul>
      
    • Adding support for UNIX Sockets when running with Node.js (#1070)
    • Fixing typings (#1177):
      • AxiosRequestConfig.proxy: allows type false
      • AxiosProxyConfig: added auth field
    • Adding function signature in AxiosInstance interface so AxiosInstance can be invoked (#1192, #1254)
    • Allowing maxContentLength to pass through to redirected calls as maxBodyLength in follow-redirects config (#1287)
    • Fixing configuration when using an instance - method can now be set (#1342)

    0.17.1 (Nov 11, 2017)

    • Fixing issue with web workers (#1160)
    • Allowing overriding transport (#1080)
    • Updating TypeScript typings (#1165, #1125, #1131)
  • 0.17.1 - 2017-11-11 No content.
  • 0.17.0 - 2017-10-21 No content.
  • 0.16.2 - 2017-06-03 No content.
from [`axios` GitHub Release Notes](https://github.com/axios/axios/releases)
------------

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Download continues after maxContentLength exceeded
1 participant