snyk / vulncost

Find security vulnerabilities in open source npm packages while you code
https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost
MIT License
202 stars 35 forks source link

[Snyk-beemo] Upgrade axios from 0.19.2 to 0.20.0 #43

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade axios from 0.19.2 to 0.20.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Release notes
Package name: axios
  • 0.20.0 - 2020-08-21

    Release of 0.20.0-pre as a full release with no other changes.

  • 0.20.0-0 - 2020-07-15

    0.20.0-pre (July 15, 2020)

    Fixes and Functionality:

    • Fixing response with utf-8 BOM can not parse to json (#2419)
      • fix: remove byte order marker (UTF-8 BOM) when transform response
      • fix: remove BOM only utf-8
      • test: utf-8 BOM
      • fix: incorrect param name
    • Refactor mergeConfig without utils.deepMerge (#2844)
      • Adding failing test
      • Fixing #2587 default custom config persisting
      • Adding Concat keys and filter duplicates
      • Fixed value from CPE
      • update for review feedbacks
      • no deepMerge
      • only merge between plain objects
      • fix rename
      • always merge config by mergeConfig
      • extract function mergeDeepProperties
      • refactor mergeConfig with all keys, and add special logic for validateStatus
      • add test for resetting headers
      • add lots of tests and fix a bug
      • should not inherit data
      • use simple toString
    • Fixing overwrite Blob/File type as Content-Type in browser. (#1773)
    • Fixing an issue that type 'null' is not assignable to validateStatus (#2773)
    • Fixing special char encoding (#1671)
      • removing @ character from replacement list since it is a reserved character
      • Updating buildURL test to not include the @ character
      • Removing console logs
    • Fixing password encoding with special characters in basic authentication (#1492)
      • Fixing password encoding with special characters in basic authentication
      • Adding test to check if password with non-Latin1 characters pass
    • Fixing 'Network Error' in react native android (#1487)
      There is a bug in react native Android platform when using get method. It will trigger a 'Network Error' when passing the requestData which is an empty string to request.send function. So if the requestData is an empty string we can set it to null as well to fix the bug.
    • Fixing Cookie Helper with Asyc Components (#1105) (#1107)
    • Fixing 'progressEvent' type (#2851)
      • Fix 'progressEvent' type
      • Update axios.ts
    • Fixing getting local files (file://) failed (#2470)
      • fix issue #2416, #2396
      • fix Eslint warn
      • Modify judgment conditions
      • add unit test
      • update unit test
      • update unit test
    • Allow PURGE method in typings (#2191)
    • Adding option to disable automatic decompression (#2661)
      • Adding ability to disable auto decompression
      • Updating decompress documentation in README
      • Fixing test\unit\adapters\http.js lint errors
      • Adding test for disabling auto decompression
      • Removing changes that fixed lint errors in tests
      • Removing formating change to unit test
    • Add independent maxBodyLength option (#2781)
      • Add independent option to set the maximum size of the request body
      • Remove maxBodyLength check
      • Update README
      • Assert for error code and message
    • Adding responseEncoding to mergeConfig (#1745)
    • Compatible with follow-redirect aborts the request (#2689)
      • Compatible with follow-redirect aborts the request
      • Use the error code
    • Fix merging of params (#2656)
      • Name function to avoid ESLint func-names warning
      • Switch params config to merge list and update tests
      • Restore testing of both false and null
      • Restore test cases for keys without defaults
      • Include test for non-object values that aren't false-y.
    • Revert finally as then (#2683)

    Internal and Tests:

    • Fix stale bot config (#3049)
      • fix stale bot config
      • fix multiple lines
    • Add days and change name to work (#3035)
    • Update close-issues.yml (#3031)
      • Update close-issues.yml
        Update close message to read better 😄
      • Fix use of quotations
        Use single quotes as per other .yml files
      • Remove user name form message
    • Add GitHub actions to close stale issues/prs (#3029)
      • prepare stale actions
      • update messages
      • Add exempt labels and lighten up comments
    • Add GitHub actions to close invalid issues (#3022)
      • add close actions
      • fix with checkout
      • update issue templates
      • add reminder
      • update close message
    • Add test with Node.js 12 (#2860)
      • test with Node.js 12
      • test with latest
    • Adding console log on sandbox server startup (#2210)
      • Adding console log on sandbox server startup
      • Update server.js
        Add server error handeling
      • Update server.js
        Better error message, remove retry.
    • Adding tests for method options type definitions (#1996)
      Update tests.
    • Add test for redirecting with too large response (#2695)
    • Fixing unit test failure in Windows OS (#2601)
    • Fixing issue for HEAD method and gziped repsonse (#2666)
    • Fix tests in browsers (#2748)
    • chore: add jsdelivr and unpkg support (#2443)

    Documentation:

    • Adding support for URLSearchParams in node (#1900)
      • Adding support for URLSearchParams in node
      • Remove un-needed code
      • Update utils.js
      • Make changes as suggested
    • Adding table of content (preview) (#3050)
      • add toc (preview)
      • remove toc in toc
        Signed-off-by: Moni usmoni@gmail.com
      • fix sublinks
      • fix indentation
      • remove redundant table links
      • update caps and indent
      • remove axios
    • Replace 'blacklist' with 'blocklist' (#3006)
    • docs(): Detailed config options environment. (#2088)
      • docs(): Detailed config options environment.
      • Update README.md
    • Include axios-data-unpacker in ECOSYSTEM.md (#2080)
    • Allow opening examples in Gitpod (#1958)
    • Remove axios.all() and axios.spread() from Readme.md (#2727)
      • remove axios.all(), axios.spread()
      • replace example
      • axios.all() -> Promise.all()
      • axios.spread(function (acct, perms)) -> function (acct, perms)
      • add deprecated mark
    • Update README.md (#2887)
      Small change to the data attribute doc of the config. A request body can also be set for DELETE methods but this wasn't mentioned in the documentation (it only mentioned POST, PUT and PATCH). Took my some 10-20 minutes until I realized that I don't need to manipulate the request body with transformRequest in the case of DELETE.
    • Include swagger-taxos-codegen in ECOSYSTEM.md (#2162)
    • Add CDNJS version badge in README.md (#878)
      This badge will show the version on CDNJS!
    • Documentation update to clear up ambiguity in code examples (#2928)
      • Made a adjustment to the documenation to clear up any ambiguity around the use of "fs". This should help clear up that the code examples with "fs" cannot be used on the client side.
    • Update README.md about validateStatus (#2912)
      Rewrote the comment from "Reject only if the status code is greater than or equal to 500" to "Resolve only if the status code is less than 500"
    • Updating documentation for usage form-data (#2805)
      Closes #2049
    • Fixing CHANGELOG.md issue link (#2784)
    • Include axios-hooks in ECOSYSTEM.md (#2003)
    • Added Response header access instructions (#1901)
      • Added Response header access instructions
      • Added note about using bracket notation
    • Add onUploadProgress and onDownloadProgress are browser only (#2763)
      Saw in #928 and #1966 that onUploadProgress and onDownloadProgress only work in the browser and was missing that from the README.
    • Update ' sign to ` in proxy spec (#2778)
    • Adding jsDelivr link in README (#1110)
      • Adding jsDelivr link
      • Add SRI
      • Remove SRI

    Huge thanks to everyone who contributed to this release via code (authors listed
    below) or via reviews and triaging on GitHub:

  • 0.19.2 - 2020-01-22
    • Remove unnecessary XSS check (#2679) (see (#2646) for discussion)
from axios GitHub release notes
Commit messages
Package name: axios
  • 0d87655 Releasing 0.20.0
  • cd27741 Updating changelog for 0.20.0 release
  • ffea034 Releasing 0.20.0-0
  • fe147fb Updating changlog for 0.20.0 beta release
  • 16aa2ce Fixing response with utf-8 BOM can not parse to json (#2419)
  • c4300a8 Adding support for URLSearchParams in node (#1900)
  • bed6783 add table of content (preview) (#3050)
  • c70fab9 Fix stale bot config (#3049)
  • 5b08fc4 Add days and change name to work (#3035)
  • 1768c23 Update close-issues.yml (#3031)
  • 3dbf6a1 Add GitHub actions to close stale issues/prs (#3029)
  • a9010e4 Add GitHub actions to close invalid issues (#3022)
  • 36f0ad2 Replace 'blacklist' with 'blocklist' (#3006)
  • 0d69a79 Refactor mergeConfig without utils.deepMerge (#2844)
  • 4879416 Allow unsetting headers by passing null (#382) (#1845)
  • 4b3947a Add test with Node.js 12 (#2860)
  • 0077205 Adding console log on sandbox server startup (#2210)
  • ee46dff docs(): Detailed config options environment. (#2088)
  • 17a6886 Include axios-data-unpacker in ECOSYSTEM.md (#2080)
  • 3f2ef03 Allow opening examples in Gitpod (#1958)
  • f3cc053 Fixing overwrite Blob/File type as Content-Type in browser. (#1773)
  • f2b478f Revert "Fixing default transformRequest with buffer pools (#1511)" (#2982)
  • d35b5b5 Remove axios.all() and axios.spread() from Readme.md (#2727)
  • 6d36dbe Update README.md (#2887)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs