-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update dependency axios to v1.7.4 [security] #122
base: main
Are you sure you want to change the base?
Conversation
|
Kudos, SonarCloud Quality Gate passed! |
4a90f04
to
174839e
Compare
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
174839e
to
c87c0e1
Compare
Quality Gate passedIssues Measures |
c87c0e1
to
ddc79bf
Compare
Quality Gate passedIssues Measures |
ddc79bf
to
fa579c3
Compare
This PR contains the following updates:
1.4.0
->1.7.4
GitHub Vulnerability Alerts
CVE-2023-45857
An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
CVE-2024-39338
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Release Notes
axios/axios (axios)
v1.7.4
Compare Source
Bug Fixes
Contributors to this release
v1.7.3
Compare Source
Bug Fixes
Contributors to this release
v1.7.2
Compare Source
Bug Fixes
Contributors to this release
v1.7.1
Compare Source
Bug Fixes
Contributors to this release
v1.7.0
Compare Source
Features
Bug Fixes
Contributors to this release
v1.6.8
Compare Source
Bug Fixes
Contributors to this release
v1.6.7
Compare Source
Bug Fixes
Contributors to this release
v1.6.6
Compare Source
Bug Fixes
Contributors to this release
v1.6.5
Compare Source
Bug Fixes
Contributors to this release
v1.6.4
Compare Source
Bug Fixes
Contributors to this release
v1.6.3
Compare Source
Bug Fixes
Contributors to this release
v1.6.2
Compare Source
Features
withCredentials
behavior; (#6046) (cff9967)PRs
Contributors to this release
v1.6.1
Compare Source
Bug Fixes
Contributors to this release
v1.6.0
Compare Source
Bug Fixes
PRs
Contributors to this release
1.5.1 (2023-09-26)
Bug Fixes
Content-Type
header for FormData in non-browser environments; (#5917) (bc9af51)content-encoding
header to handle case-insensitive values (#5890) (#5892) (4c89f25)Contributors to this release
PRs
v1.5.1
Compare Source
Bug Fixes
Content-Type
header for FormData in non-browser environments; (#5917) (bc9af51)content-encoding
header to handle case-insensitive values (#5890) (#5892) (4c89f25)Contributors to this release
v1.5.0
Compare Source
Bug Fixes
cacheable-lookup
integration; (#5836) (b3e327d)Features
unsafe
prefix (#5839) (1601f4a)Contributors to this release
Configuration
📅 Schedule: Branch creation - "" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about these updates again.
This PR was generated by Mend Renovate. View the repository job log.