search

energywebfoundation / passport-did-auth

Node.js Passport authentication and authorisation strategy using DIDs(Decentralised Identifiers) and VCs(Verifiable Credentials)
GNU General Public License v3.0
15 stars 10 forks source link

[Snyk] Upgrade axios from 0.27.0 to 0.27.2 #386

Open whitneypurdum opened 1 year ago

whitneypurdum commented 1 year ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade axios from 0.27.0 to 0.27.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **a year ago**, on 2022-04-27. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Cryptographic Issues
[SNYK-JS-ELLIPTIC-1064899](https://snyk.io/vuln/SNYK-JS-ELLIPTIC-1064899) | **340/1000**
**Why?** CVSS 6.8 | No Known Exploit (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
  • 0.27.2 - 2022-04-27

    Fixes and Functionality:

    • Fixed FormData posting in browser environment by reverting #3785 (#4640)
    • Enhanced protocol parsing implementation (#4639)
    • Fixed bundle size
      </li>
  <li>
    <b>0.27.1</b> - <a href="https://snyk.io/redirect/github/axios/axios/releases/tag/v0.27.1">2022-04-26</a></br><h3>Fixes and Functionality:</h3>
    • Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)
    • Bumped follow-redirects to ^1.14.9 (#4615)
      </li>
  <li>
    <b>0.27.0</b> - <a href="https://snyk.io/redirect/github/axios/axios/releases/tag/v0.27.0">2022-04-25</a></br><h3>Breaking changes:</h3>
    • New toFormData helper function that allows the implementor to pass an object and allow axios to convert it to FormData (#3757)
    • Removed functionality that removed the the Content-Type request header when passing FormData (#3785)
    • (*) Refactored error handling implementing AxiosError as a constructor, this is a large change to error handling on the whole (#3645)
    • Separated responsibility for FormData instantiation between transformRequest and toFormData (#4470)
    • (*) Improved and fixed multiple issues with FormData support (#4448)

    QOL and DevX improvements:

    • Added a multipart/form-data testing playground allowing contributors to debug changes easily (#4465)

    Fixes and Functionality:

    • Refactored project file structure to avoid circular imports (#4515) & (#4516)
    • Bumped follow-redirects to ^1.14.9 (#4562)

    Internal and Tests:

    • Updated dev dependencies to latest version

    Documentation:

    • Fixing incorrect link in changelog (#4551)

    Notes:

    • (*) Please read these pull requests before updating, these changes are very impactful and far reaching.
      </li>
</ul>
from <a href="https://snyk.io/redirect/github/axios/axios/releases">axios GitHub release notes</a>

Commit messages
Package name: axios
  • bc733fe Releasing v0.27.2
  • b9e9fb4 Enhanced protocol parsing implementation to fix #4633; (#4639)
  • 76432c1 Fixed FormData posting in browser environment by reverting #3785; (#4640)
  • 82fd15f Combined build process and cleaned it up a bit
  • 1d82af1 Fixing issues with bundle sizes
  • bcb166e Fixed incorrect date in changelog
  • 838f53b Merge branch 'master' of github.com:axios/axios
  • cb9c534 Releasing v0.27.1
  • 91d21fc Releasing v0.72.1
  • 167cb8b Remove eslint-g package as this seems have been added in error
  • 4f7e3e3 Removed import of url module in browser build due to significant size overhead; (#4594)
  • cdd7add Fixed date on chnagelog
  • f94dda9 Bump async from 2.6.3 to 2.6.4 (#4615)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

CLAassistant commented 1 year ago

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.