Skip to content
This repository has been archived by the owner on May 3, 2024. It is now read-only.

Update dependency axios to ^0.25.0 (main) #587

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency axios to ^0.25.0 (main) #587

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link
Contributor

@mend-for-github-com mend-for-github-com bot commented Feb 20, 2022
edited
Loading

This PR contains the following updates:

Package Type Update Change
axios (source) dependencies minor ^0.24.0 -> ^0.25.0

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
Medium 6.5 CVE-2022-0155 #577
Medium 5.9 CVE-2022-0536 #588

Release Notes

axios/axios

v0.25.0

Compare Source

Breaking changes:

  • Fixing maxBodyLength enforcement (#​3786)
  • Don't rely on strict mode behavior for arguments (#​3470)
  • Adding error handling when missing url (#​3791)
  • Update isAbsoluteURL.js removing escaping of non-special characters (#​3809)
  • Use native Array.isArray() in utils.js (#​3836)
  • Adding error handling inside stream end callback (#​3967)

Fixes and Functionality:

  • Added aborted even handler (#​3916)
  • Header types expanded allowing boolean and number types (#​4144)
  • Fix cancel signature allowing cancel message to be undefined (#​3153)
  • Updated type checks to be formulated better (#​3342)
  • Avoid unnecessary buffer allocations (#​3321)
  • Adding a socket handler to keep TCP connection live when processing long living requests (#​3422)
  • Added toFormData helper function (#​3757)
  • Adding responseEncoding prop type in AxiosRequestConfig (#​3918)

Internal and Tests:

  • Adding axios-test-instance to ecosystem (#​3496)
  • Optimize the logic of isAxiosError (#​3546)
  • Add tests and documentation to display how multiple inceptors work (#​3564)
  • Updating follow-redirects to version 1.14.7 (#​4379)

Documentation:

  • Fixing changelog to show correct pull request (#​4219)
  • Update upgrade guide for https proxy setting (#​3604)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

  • If you want to rebase/retry this PR, click this checkbox.

@cla-bot
Copy link

cla-bot bot commented Feb 20, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by WhiteSource label Feb 20, 2022
@cortx-admin
Copy link

Can one of the admins verify this patch?

@stale
Copy link

stale bot commented Feb 25, 2022

This issue/pull request has been marked as needs attention as it has been left pending without new activity for 4 days. Tagging @ajaysrivas @kupranay for appropriate assignment. Sorry for the delay & Thank you for contributing to CORTX. We will get back to you as soon as possible.

@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-axios-0.x branch from a8b801f to 3dee4a3 Compare March 5, 2022 00:35
@cla-bot
Copy link

cla-bot bot commented Mar 5, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-axios-0.x branch from 3dee4a3 to 3c6a954 Compare April 26, 2022 16:17
@cla-bot
Copy link

cla-bot bot commented Apr 26, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

@mend-for-github-com mend-for-github-com bot changed the title Update dependency axios to ^0.25.0 (main) Update dependency axios to ^0.26.0 (main) May 4, 2022
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-axios-0.x branch from 3c6a954 to 5cd9216 Compare May 4, 2022 23:16
@cla-bot
Copy link

cla-bot bot commented May 4, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

@mend-for-github-com mend-for-github-com bot changed the title Update dependency axios to ^0.26.0 (main) Update dependency axios to ^0.25.0 (main) May 7, 2022
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/main-axios-0.x branch from 5cd9216 to 65d9a21 Compare May 7, 2022 10:44
@cla-bot
Copy link

cla-bot bot commented May 7, 2022

Thanks for your contribution!
The CLA bot has flagged your contribution as not having a Contributor License Agreement
in place. Note that this is not needed in the overwhelming majority of instances and this warning will usually be ignored.
The code reviewers will make a determination and may ask you to sign a CLA or may choose to ignore this warning.
More information about this can be found here.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ajaysrivas ajaysrivas Awaiting requested review from ajaysrivas

@kupranay kupranay Awaiting requested review from kupranay

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
needs-attention security fix Security fix generated by WhiteSource
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@cortx-admin