Bump axios, @11ty/eleventy and wait-on

[dependabot[bot]]

Bumps axios to 1.6.2 and updates ancestor dependencies axios, @11ty/eleventy and wait-on. These dependencies need to be updated together.

Updates axios from 0.21.4 to 1.6.2

Release notes

Sourced from axios's releases.

Release v1.6.2

Release notes:

Features

• withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

• feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

• Dmitriy Mozgovoy
• Ng Choon Khon (CK)
• Muhammad Noman

Release v1.6.1

Release notes:

Bug Fixes

• formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
• platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

• Dmitriy Mozgovoy
• Fabian Meyer

Release v1.6.0

Release notes:

Bug Fixes

• CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
• dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
• types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

• CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.2 (2023-11-14)

Features

• withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

• feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

• Dmitriy Mozgovoy
• Ng Choon Khon (CK)
• Muhammad Noman

1.6.1 (2023-11-08)

Bug Fixes

• formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
• platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

• Dmitriy Mozgovoy
• Fabian Meyer

PRs

• feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

1.6.0 (2023-10-26)

Bug Fixes

• CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)

... (truncated)

Commits

• b3be365 chore(release): v1.6.2 (#6082)
• 8739acb chore(ci): removed redundant release action; (#6081)
• bfa9c30 chore(docs): fix outdated grunt to npm scripts (#6073)
• a2b0fb3 chore(docs): update README.md (#6048)
• b12a608 chore(ci): removed paths-ignore filter; (#6080)
• 0c9d886 chore(ci): reworked ignoring files logic; (#6079)
• 30873ee chore(ci): add paths-ignore config to testing action; (#6078)
• cff9967 feat(withXSRFToken): added withXSRFToken option as a workaround to achieve th...
• 7009715 chore(ci): fixed release notification action; (#6064)
• 7144f10 chore(ci): fixed release notification action; (#6063)
• Additional commits viewable in compare view

Updates @11ty/eleventy from 1.0.2 to 2.0.1

Release notes

Sourced from @​11ty/eleventy's releases.

Eleventy v2.0.1: a Bug Fix Release

Eleventy v2.0.1 is now available! You can try it out in your project now:

npm install @11ty/eleventy@latest

• Read more about project versus global installation.

New to Eleventy?

Eleventy is a flexible and production-ready site generator known for its zero-client JavaScript footprint, speedy sites, speedy builds, and full control over the output.

• Build a blog from scratch in 6 minutes with Eleventy
• Watch The State of Eleventy in Two Minutes
• Read more about Eleventy’s project goals.

Features and Fixes

• Fixed: this.eleventy in JavaScript template functions #2790
• Fixed: lodash security audits #2877
• Fixed: pagination targets with object bracket notation #2851
• Fixed: 11ty.js templates were too aggressively cached on watch/serve #2839 #2838
• Fixed: Handlebars partials were too aggressively cached on watch/serve #2799
• Fixed: Configuration reload fixes #2864 #2869 #2867
• New: Serverless pagination now works with Arrays and Objects #2853 #2544 Learn more: https://www.11ty.dev/docs/plugins/serverless/#dynamic-slugs-to-subset-your-pagination
• Typo fixes by @​deining in #2845

Housekeeping

• Full milestone/issue list: https://github.com/11ty/eleventy/milestone/43?closed=1
• Full changelog: https://github.com/11ty/eleventy/compare/v2.0.0...v2.0.1

Thank You Notes

This project would not be possible without our lovely community. Thank you to everyone that built something with Eleventy (×684 authors on our web site!), wrote a blog post about Eleventy, contributed code, wrote a plugins, helped with documentation, asked questions, answered questions, braved The Leaderboards, participated on Discord, filed issues, attended (or organized!) a meetup, said a kind word on social media ❤️.

• A huge thank you to Netlify, especially: @​biilmann, Chris Bach, Lauren Sell (alum), and Claire Knight, without whom this release would not have been possible.
• 🏆 A special thanks to @​pdehaan for their tireless contributions on the Eleventy Issue tracker.
• Yet more thanks to the all star Discord Moderators and Meetup Coordinators @​BenDMyers, @​clottman, @​dleatherman, @​darthmall, @​nachtfunke, @​siakaramalegos and @​5t3ph.
• All of our supporters on Open Collective ❤️
• Contribute on Open Collective
• How else can you contribute to Eleventy?

Open Collective Supporters

• Gold Sponsors: Sanity.io, Nordhealth, CloudCannon, Transloadit
• Silver Sponsors: Unabridged Software, PQINA, Bejamas, Nathan Smith, Monarch Air Group, Getform.io, Mercury Jets, OCEG
• Backers: Tyler Gaw, Ariel Salminen, Peter deHaan, Melanie Sumner, Ben Nash, Alejandro Rodríguez, Mat Marquis, Philip Borenstein, Jérôme Coupé, Nicolas Hoizey, Mike Aparicio, Ben Myers, Katie Sylor-Miller, Mark Buskbjerg, mortendk, Aaron Hans, Lauris Consulting, John Meyerhofer, Todd Libby, shawn j sandy, Luke Bonaccorsi, Higby, Jenn Schiffer, Dimitrios Grammatikogiannis, Devin Clark, Eric Bailey, Manuel Matuzovic, Tim Giles, Kyosuke Nakamura, Rob Sterlini, Horacio Gonzalez, Hans Gerwitz, Makoto Kawasaki, Josh Crain, Richard Hemmer, Nick Nisi, John SJ Anderson, Ryan Swaney, Alistair Shepherd, Ivo Herrmann, Flaki, Angelique Weger, John Hall, Scott McCracken, James Steinbach, Miriam Suzanne, Bentley Davis, Ara Abcarians, vince falconi, Martin Schneider, Stephanie Eckles, Frontend Weekly Tokyo, Dorin Vancea, Chris Burnell, Ximenav Vf., Rich Holman, Kasper Storgaard, Kevin Healy, Greg Gibson, Michelle Barker, Alesandro Ortiz, David A. Herron, Paul Robert Lloyd, Andrea Vaghi, Bryan Robinson, Ashur Cabrera, Raymond Camden, John Meguerian, Joe Lamyman, Dan Ryan, Sam, Brett Nelson, Paul Welsh, Ingo Steinke, Noel Forte, Melanie Richards, Marco Zehe, Wes Ruvalcaba, Luc Poupard, Entle Web Solutions, Ken Hawkins, Fershad Irani, Nikita Dubko, Aaron Gustafson, Chris, Christian Miles, Benjamin Geese, Marcus Relacion, Netin nopeustesti, Raphael Höser, Cthos, Sia Karamalegos, Jon Kuperman, Saneef Ansari, Michel van der Kroef, Flemming Meyer, Colin Fahrion, Dan Burzo, Dan Ott, Mobilemall.pk, Cheap VPS, David Darnes, Jon Roobottom, Dana Byerly, Oisín Quinn, Renkaatsopivasti, Windesol Sähkön Kilpailutus, Luke Mitchell, SignpostMarv, THE PADDING, Bob Monsour, Richmond Insulation, Patrick Byrne, zapscribbles, Frank Reding, quinnanya, Cory Birdsong, Aram ZS, Andy Stevenson, Robin Rendle, HelppoHinta.fi, Tanner Dolby, jpoehnelt, xdesro, Alex Zappa, Richmond Concrete, Alexander Wunschik, Tom, CelineDesign, Nic Chan, Duc Lam, Stephen Bell, Robert Haselbacher, Lene, Brett DeWoody, alistairtweedie, Meta Tier List, Iva Tech, Daniel Saunders, Josh Vickerson, Dan Urbanowicz, dan leatherman, Jens Grochtdreis, CBD Review, Eric Gallager, Softermii, Eric Carlisle, Claus Conrad, Anna E. Cook, David Luhr, Matt Obee, Kiekkotorni - Nikotiinipussit

... (truncated)

Commits

• e71cb94 Coverage
• bbc3fc1 v2.0.1
• 347d41b v2.0.1-beta.2
• 3203e3a Update dependencies
• 716f65a v2.0.1-beta.1
• 273bf3b v2.0.1-alpha.3
• 916805e Publish the dependency graph in eleventy.after args
• 67ce615 Fixes #2754
• 30c7113 Custom lodash build, fixes #2877
• a9323c3 Fixes #2790
• Additional commits viewable in compare view

Updates wait-on from 6.0.1 to 7.2.0

Release notes

Sourced from wait-on's releases.

v7.2.0

Update axios from 0.27.2 to latest 1.6.1 which fixes security vulnerability CVE-2023-45857.

Thanks @​AndrewMax for the PR #147 and also for those that confirmed it.

v7.1.0

Update dependencies.

Add ability to specify timeout, httpTimeout, and tcpTimeout with a unit (ms, m, s, h), defaults to ms if not specified. Thanks @​ntkoopman

v7.0.1

Removed unnecessary eslint-plugin-standard. It was no longer needed since already included in another package.

v7.0.0

Updated dependencies:

• minimist
• eslint
• minimatch
• axios
• mocha
• rxjs

The update to latest mocha removed support for Node.js below 12.

Commits

• a10322f 7.2.0
• fc27d1b Merge branch 'AndrewMax-amaks/fix/axios-1.6.0'
• a71be27 chore: bump Axios to 1.6.1
• 69092f4 fix: update axios to 1.6.0 to fix CVE-2023-45857
• aefc49e 7.1.0
• 0ec371e update semver
• 96b0e33 Merge pull request #144 from jeffbski/update-deps-2023-11-02
• 18a9b6c major dep updates
• f4c99ae patch and minor dep updates
• b9ec579 Merge branch 'ntkoopman-interval'
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/capitec/omni-components/network/alerts).

[dependabot[bot]]

Looks like these dependencies are updatable in another way, so this is no longer needed.