sonarcloud[bot]
commented
6 months ago 
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 0.27.2 to 0.28.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **21 days ago**, on 2024-03-28. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-AXIOS-6032459](https://snyk.io/vuln/SNYK-JS-AXIOS-6032459) | **676/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
0.28.1 - 2024-03-28
- fix(backport): custom params serializer support (#6263)
- fix(backport): uncaught ReferenceError
-
0.28.0 - 2024-02-12
- fix(security): fixed CVE-2023-45857 by backporting
- Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
- Fixing content-type header repeated #4745
- Fixed timeout error message for HTTP 4738
- Added
- URL params serializer (#4734)
- Fixed toFormData Blob issue on node>v17 #4728
- Adding types for progress event callbacks #4675
- Fixed max body length defaults #4731
- Added data URL support for node.js (#4725)
- Added isCancel type assert (#4293)
- Added the ability for the
- Add
- Allow type definition for axios instance methods (#4224)
- Fixed
- Fixed
- Adding Canceler parameters config and request (#4711)
- fix(types): allow to specify partial default headers for instance creation (#4185)
- Added
- Fixing Z_BUF_ERROR when no content (#4701)
- Fixed race condition on immediate requests cancellation (#4261)
- Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance #4248
- Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
- Fix TS definition for AxiosRequestTransformer (#4201)
- Use type alias instead of interface for AxiosPromise (#4505)
- Include request and config when creating a CanceledError instance (#4659)
- Added generic TS types for the exposed toFormData helper (#4668)
- Optimized the code that checks cancellation (#4587)
- Replaced webpack with rollup (#4596)
- Added stack trace to AxiosError (#4624)
- Updated AxiosError.config to be optional in the type definition (#4665)
- Removed incorrect argument for NetworkError constructor (#4656)
-
0.27.2 - 2022-04-27
from axios GitHub release notesRelease notes:
Release notes:
Bug Fixes
reqis not defined (#6307)Release notes:
Bug Fixes
withXSRFTokenoption to v0.x (#6091)Backports from v1.x:
axios.formToJSONmethod (#4735)url-encoded-formserializer to respect theformSerializerconfig (#4721)string[]toAxiosRequestHeaderstype (#4322)AxiosErrorstack capturing; (#4718)AxiosErrorstatus code type; (#4717)blobto the list of protocols supported by the browser (#4678)Commit messages
Package name: axios
- 3021e0d [Release] v0.28.1 (#6331)
- 111811e fix(backport): custom params serializer support (#6263)
- 92a0454 fix(backport): Uncaught ReferenceError req is not defined at AbortSignal.onCanceled (#6307)
- ce46346 chore(ci): add npm tag action; (#6229)
- 3b7635a [Release] v0.28.0 (#6211)
- 27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
- 80c3d74 chore(ci): backported publish action; (#6224)
- 2755df5 fix(security): fixed CVE-2023-45857 by backporting `withXSRFToken` option to v0.x (#6091)
- 880b42e docs: Fix a typo in README
- c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
- 1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incorrect (#4927)
- 80b546c fix: loosing request header (#4858) (#4871)
- 6acb5ef feat: brower platform add data protocol. (#4814)
- bbb2264 fix(typing): axios response headers can be undefined (#4813)
- eff25a2 chore: updated close stale workflow
- 6b44df0 chore: added dependancy review
- 94c1f7d chore: added code QL for the 0.x branch
- 5576c2f chore: update ci runner rules
- 871ef05 Fix - Request ignores false, 0 and empty string as body values (#4786)
- 3dad74c Update base with master (#4754)
- 12103f8 chore: adjusted CI to run on any current and future version branches
- 1504792 Fixing content-type header repeated (#4745)
- a11f950 Fix/4737/timeout error message for http (#4738)
- 9bb016f chore: updated actions to run on new version based branches
Compare**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: