This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 1.5.1 to 1.6.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **2 versions** ahead of your current version.
- The recommended version was released **21 days ago**, on 2023-11-08.
The recommended version fixes:
Severity | Issue | PriorityScore (*) | Exploit Maturity |
:-------------------------:|:-------------------------|-------------------------|:-------------------------
| Cross-site Request Forgery (CSRF) [SNYK-JS-AXIOS-6032459](https://snyk.io/vuln/SNYK-JS-AXIOS-6032459) | **676/1000** **Why?** Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept
(*) Note that the real score may have changed since the PR was raised.
Release notes Package name: axios
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*
For more information:
🧐 [View latest project report](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/heliomarpm/project/aa69d961-2a47-4212-a08b-512fa7ca3272/settings/integration?pkg=axios&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 1.5.1 to 1.6.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **21 days ago**, on 2023-11-08. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-AXIOS-6032459](https://snyk.io/vuln/SNYK-JS-AXIOS-6032459) | **676/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 7.1 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
1.6.1 - 2023-11-08
- formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
- platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)
Dmitriy Mozgovoy
Fabian Meyer
-
1.6.0 - 2023-10-26
- CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
- dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
- types: fix AxiosHeaders types; (#5931) (a1c8ad0)
- CVE 2023 45857 ( #6028 )
Dmitriy Mozgovoy
Valentin Panov
Rinku Chaudhari
-
1.5.1 - 2023-09-26
- adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
- formdata: fixed automatic addition of the
- headers: allow
- types: removed duplicated code (9e62056)
Dmitriy Mozgovoy
David Dallas
Sean Sattler
Mustafa Ateş Uzun
Przemyslaw Motacki
Michael Di Prisco
from axios GitHub release notesRelease notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
PRs
Contributors to this release
Release notes:
Bug Fixes
Content-Typeheader for FormData in non-browser environments; (#5917) (bc9af51)content-encodingheader to handle case-insensitive values (#5890) (#5892) (4c89f25)Contributors to this release
Commit messages
Package name: axios
- f6d2cf9 chore(ci): fix publish action content permission; (#6061)
- a22f4b9 chore(release): v1.6.1 (#6060)
- cb8bb2b chore(ci): Publish to NPM with provenance (#5835)
- 37cbf92 chore(ci): added labeling and notification for published PRs; (#6059)
- dd465ab fix(formdata): fixed content-type header normalization for non-standard browser environments; (#6056)
- 3dc8369 fix(platform): fixed emulated browser detection in node.js environment; (#6055)
- f7adacd chore(release): v1.6.0 (#6031)
- 9917e67 chore(ci): fix release-it arg; (#6032)
- 96ee232 fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)
- 7d45ab2 chore(tests): fixed tests to pass in node v19 and v20 with `keep-alive` enabled; (#6021)
- 5aaff53 fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)
- a48a63a chore(docs): added AxiosHeaders docs; (#5932)
- a1c8ad0 fix(types): fix AxiosHeaders types; (#5931)
- 2ac731d chore(docs): update readme.md (#5889)
Compare**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: