Closed dependabot[bot] closed 6 months ago
Updated dependencies detected. Learn more about Socket for GitHub ↗︎
Packages | Version | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|---|
axios | 0.21.4...1.6.0 | network, environment | +3/-1 |
1.89 MB | jasonsaayman |
@tiagosiebler it'd be great if we can merge this, it affects security updates on dependent projects
@tiagosiebler it'd be great if we can merge this, it affects security updates on dependent projects
I didn't merge this automatically as it broke the build (type conflicts), but I did actually fix and upgrade axios last week as of v2.9.0. This automated PR is actually redundant now, latest build now uses axios v1.6.2: https://github.com/tiagosiebler/binance/blob/master/package.json#L36
Will be updating axios in my other SDKs soon as well. Hope you're otherwise enjoying the SDK.
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version
or @dependabot ignore this minor version
.
If you change your mind, just re-open this PR and I'll resolve any conflicts on it.
Thank you mate ✌️
Bumps axios from 0.21.4 to 1.6.0.
Release notes
Sourced from axios's releases.
... (truncated)
Changelog
Sourced from axios's changelog.
... (truncated)
Commits
f7adacd
chore(release): v1.6.0 (#6031)9917e67
chore(ci): fix release-it arg; (#6032)96ee232
fix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)7d45ab2
chore(tests): fixed tests to pass in node v19 and v20 withkeep-alive
enabl...5aaff53
fix(dns): fixed lookup function decorator to work properly in node v20; (#6011)a48a63a
chore(docs): added AxiosHeaders docs; (#5932)a1c8ad0
fix(types): fix AxiosHeaders types; (#5931)2ac731d
chore(docs): update readme.md (#5889)88fb52b
chore(release): v1.5.1 (#5920)e410779
fix(adapters): improved adapters loading logic to have clear error messages; ...You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show