search

heliomarpm / udemy-downloader-gui

A desktop application for downloading Udemy Courses
MIT License
1.03k stars 209 forks source link

[Snyk] Upgrade axios from 1.5.1 to 1.6.1 #172

Closed heliomarpm closed 7 months ago

heliomarpm commented 11 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade axios from 1.5.1 to 1.6.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-11-08. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Cross-site Request Forgery (CSRF)
[SNYK-JS-AXIOS-6032459](https://snyk.io/vuln/SNYK-JS-AXIOS-6032459) | **676/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios from axios GitHub release notes
Commit messages
Package name: axios
  • f6d2cf9 chore(ci): fix publish action content permission; (#6061)
  • a22f4b9 chore(release): v1.6.1 (#6060)
  • cb8bb2b chore(ci): Publish to NPM with provenance (#5835)
  • 37cbf92 chore(ci): added labeling and notification for published PRs; (#6059)
  • dd465ab fix(formdata): fixed content-type header normalization for non-standard browser environments; (#6056)
  • 3dc8369 fix(platform): fixed emulated browser detection in node.js environment; (#6055)
  • f7adacd chore(release): v1.6.0 (#6031)
  • 9917e67 chore(ci): fix release-it arg; (#6032)
  • 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)
  • 7d45ab2 chore(tests): fixed tests to pass in node v19 and v20 with `keep-alive` enabled; (#6021)
  • 5aaff53 fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)
  • a48a63a chore(docs): added AxiosHeaders docs; (#5932)
  • a1c8ad0 fix(types): fix AxiosHeaders types; (#5931)
  • 2ac731d chore(docs): update readme.md (#5889)
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272/settings/integration?pkg=axios&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)