sonarcloud[bot]
commented
5 months ago 
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 1.6.2 to 1.6.8.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **6 versions** ahead of your current version. - The recommended version was released **2 months ago**, on 2024-03-15. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:-------------------------
[SNYK-JS-AXIOS-6144788](https://snyk.io/vuln/SNYK-JS-AXIOS-6144788) | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | No Known Exploit
[SNYK-JS-FOLLOWREDIRECTS-6141137](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137) | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Proof of Concept
[SNYK-JS-AXIOS-6124857](https://snyk.io/vuln/SNYK-JS-AXIOS-6124857) | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Proof of Concept
[SNYK-JS-FOLLOWREDIRECTS-6444610](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610) | **589/1000**
**Why?** Has a fix available, CVSS 7.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
1.6.8 - 2024-03-15
- AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
- import: use named export for EventEmitter; (7320430)
- vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)
Jay
Dmitriy Mozgovoy
Mitchell
Emmanuel
Lucas Keller
Aditya Mogili
Miroslav Petrov
-
1.6.7 - 2024-01-25
- capture async stack only for rejections with native error objects; (#6203) (1a08f90)
Dmitriy Mozgovoy
zhoulixiang
-
1.6.6 - 2024-01-24
- fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
- wrap errors to improve async stack trace (#5987) (123f354)
Ilya Priven
Zao Soula
-
1.6.5 - 2024-01-05
- ci: refactor notify action as a job of publish action; (#6176) (0736f95)
- dns: fixed lookup error handling; (#6175) (f4f2b03)
Dmitriy Mozgovoy
Jay
-
1.6.4 - 2024-01-03
- security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
- security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)
Jay
Dmitriy Mozgovoy
Guy Nesher
-
1.6.3 - 2023-12-26
- Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)
Jay
Willian Agostini
Dmitriy Mozgovoy
-
1.6.2 - 2023-11-14
- withXSRFToken: added withXSRFToken option as a workaround to achieve the old
- feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
Dmitriy Mozgovoy
Ng Choon Khon (CK)
Muhammad Noman
from axios GitHub release notesRelease notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Release notes:
Bug Fixes
Contributors to this release
Release notes:
Features
withCredentialsbehavior; (#6046) (cff9967)PRs
Contributors to this release
Commit messages
Package name: axios
- ab3f0f9 chore(release): v1.6.8 (#6303)
- 2656612 fix(AxiosHeaders): fix AxiosHeaders conversion to an object during config merging (#6243)
- 7320430 fix(import): use named export for EventEmitter;
- 8786e0f fix(vulnerability): update follow-redirects to 1.15.6 (#6300)
- d844227 chore: update and bump deps (#6238)
- caa0625 docs: update README responseEncoding types (#6194)
- 41c4584 docs: Update README.md to point to current axios version in CDN links (#6196)
- bf6974f chore(ci): add npm tag action; (#6231)
- a52e4d9 chore(release): v1.6.7 (#6204)
- 2b69888 chore: remove unnecessary check (#6186)
- 1a08f90 fix: capture async stack only for rejections with native error objects; (#6203)
- 104aa3f chore(release): v1.6.6 (#6199)
- a1938ff fix: fixed missed dispatchBeforeRedirect argument (#5778)
- 123f354 fix: wrap errors to improve async stack trace (#5987)
- 6d4c421 chore(release): v1.6.5 (#6177)
- 0736f95 fix(ci): refactor notify action as a job of publish action; (#6176)
- f4f2b03 fix(dns): fixed lookup error handling; (#6175)
- 1f73dcb docs: update sponsor links
- 8790b8e chore(release): v1.6.4 (#6173)
- 0ad520d chore(ci): fix notify action; (#6172)
- 3c0c11c fix(security): fixed formToJSON prototype pollution vulnerability; (#6167)
- 75af1cd fix(security): fixed security vulnerability in follow-redirects (#6163)
- 90864b3 docs: update logos
- 1542719 docs: updated headline sponsors
Compare**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: