valdisiljuconoks / localization-provider-core

Database driven localization provider for .NET applications (with administrative management UI)
Apache License 2.0
120 stars 22 forks source link

[Snyk] Upgrade axios from 0.21.1 to 0.25.0 #103

Closed snyk-bot closed 2 years ago

snyk-bot commented 2 years ago

Snyk has created this PR to upgrade axios from 0.21.1 to 0.25.0.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-AXIOS-1579269
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2332181
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
Proof of Concept
Information Exposure
SNYK-JS-FOLLOWREDIRECTS-2396346
696/1000
Why? Proof of Concept exploit, Has a fix available, CVSS 7.5
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: axios from axios GitHub release notes
Commit messages
Package name: axios
  • 63dfce8 Releasing v0.25
  • dccaeb1 Updated changelog for release
  • 51f3ccb Updating follow-redirects with security updates (#4379)
  • ccc9516 Fixing removing package-lock from gitignore (#4346)
  • ea0d9c6 Adding error handling inside stream end callback (#3967)
  • 4fbf61d Adding responseEncoding prop type in AxiosRequestConfig (#3918)
  • a76571a Use native `Array.isArray()` in `utils.js` (#3836)
  • a8cd75a Update isAbsoluteURL.js (#3809)
  • 9579290 Adding error handling when missing url (#3791)
  • 9964815 toFormData helper function (#3757)
  • c00c4dd Fixing maxBodyLength enforcement (#3786)
  • 962f9ab Update upgrade guide for https proxy setting (#3604)
  • e6aef5a (Add tests to) document how multiple inceptors work (#3564)
  • 6fca6a7 refactor(helpers): optimize the logic of isAxiosError (#3546)
  • 476ee88 chore: ignore yarn.lock file (#3545)
  • 4c8b02d Adding axios-test-instance to ecosystem (#3496)
  • cd1b82b Removing code relying on strict mode behaviour for arguments (#3470)
  • 55e6577 Adding a socket handler for keep TCP connection (#3422)
  • ebedf6b Avoid unnecessary Buffer allocations (#3321)
  • 716d5de Update utils.js (#3342)
  • 5431634 Fixing Cancel' signature. (#3152) (#3153)
  • 6b4fd93 Expand Headers types (#4144)
  • c5fe05b Adding aborted event handler (#3916)
  • 1885ac7 Adding dev branch to CI
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs