Skip to content

fix security volunerability in follow-redirects#6163

Merged
DigitalBrainJS merged 3 commits intoaxios:v1.xfrom
gnesher:upgrade-follow-redirect
Jan 3, 2024
Merged

fix security volunerability in follow-redirects#6163
DigitalBrainJS merged 3 commits intoaxios:v1.xfrom
gnesher:upgrade-follow-redirect

Conversation

@gnesher
Copy link
Contributor

@gnesher gnesher commented Jan 2, 2024

The current version of follow-redirects (1.15.0) is flagged with high-security risk by Snyk, this PR simply upgrades to version 1.15.4 to solve this.

@gnesher gnesher mentioned this pull request Jan 2, 2024
Closed
@jasonsaayman jasonsaayman mentioned this pull request Jan 2, 2024
Closed
@jasonsaayman
Copy link
Member

jasonsaayman commented Jan 2, 2024
edited
Loading

issue #6164 @gnesher thanks for the super quick solve

@jasonsaayman
Copy link
Member

jasonsaayman commented Jan 3, 2024

@gnesher seems that the tests are failing, I do however believe the message may have just changed so can you just address that and I can merge?

@gnesher
Copy link
Contributor Author

gnesher commented Jan 3, 2024

@gnesher seems that the tests are failing, I do however believe the message may have just changed so can you just address that and I can merge?

I've pushed a fix that simply accommodates the new text, but I'd be honest and say I'm not sure where (or why) it's coming. Anyhow the test passes :)

@Arthuzuga
Copy link

Arthuzuga commented Jan 3, 2024

@jasonsaayman please could you do a new review here? 😉

@lautarolecumberry lautarolecumberry mentioned this pull request Jan 3, 2024
Merged
@jabennett1515
Copy link

jabennett1515 commented Jan 3, 2024

When can this get merged? We are currently experiencing issues and need this to be deployed in a release. @jasonsaayman @gnesher

@mddohm1
Copy link

mddohm1 commented Jan 3, 2024

Nice! Thanks @dabrad26!!

@DigitalBrainJS DigitalBrainJS merged commit 75af1cd into axios:v1.x Jan 3, 2024
@github-actions github-actions bot mentioned this pull request Jan 3, 2024
Merged
@github-actions github-actions bot added the v1.6.4 label Jan 3, 2024
@github-actions
Copy link
Contributor

github-actions bot commented Jan 3, 2024

Hi, @gnesher! This PR has been published in v1.6.4 release. Thank you for your contribution ❤️!

neotokenapp bot pushed a commit to neohelden/commons-nestjs-server-auth that referenced this pull request Jan 4, 2024
@dependabot
chore(deps-dev): bump axios from 1.6.3 to 1.6.4 (#81)
5638112 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
anthony-nhs pushed a commit to NHSDigital/prescriptionsforpatients that referenced this pull request Jan 4, 2024
@dependabot
Bump axios from 1.6.3 to 1.6.4 (#532)
f7970b2 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions bot pushed a commit to implydata/openapi-ts that referenced this pull request Jan 4, 2024
@dependabot
build(deps-dev): Bump axios from 1.6.3 to 1.6.4 (#103)
3e6888d 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
manudeli pushed a commit to toss/suspensive that referenced this pull request Jan 4, 2024
@dependabot
chore(deps): Bump axios from 1.6.3 to 1.6.4 (#549)
e021bb9 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@pyrooka pyrooka mentioned this pull request Jan 4, 2024
Merged
3 tasks
@u01jmg3 u01jmg3 mentioned this pull request Jan 4, 2024
Merged
pyrooka added a commit to IBM/node-sdk-core that referenced this pull request Jan 4, 2024
@pyrooka
fix(deps): bump axios to 1.6.4 (#265)
48c558b 
This PR bumps the Axios package to the latest version to fix some newly discovered vulnerabilities. From the release notes:
- security: fixed formToJSON prototype pollution vulnerability; (axios/axios#6167)
- security: fixed security vulnerability in follow-redirects (axios/axios#6163)

Signed-off-by: Norbert Biczo <pyrooka@users.noreply.github.com>
This was referenced Jun 4, 2024
Open
Open
This was referenced Jun 4, 2024
Open
Open
Open
Open
@hangrybear666 hangrybear666 mentioned this pull request Jun 5, 2024
Closed
This was referenced Jun 5, 2024
Open
Open
This was referenced Jun 5, 2024
Open
Open
@gauravbhandari2503 gauravbhandari2503 mentioned this pull request Jun 5, 2024
Open
This was referenced Jun 5, 2024
Open
Open
Open
@wd3bbas wd3bbas mentioned this pull request Jun 7, 2024
Open
@NOUIY NOUIY mentioned this pull request Jun 7, 2024
Open
This was referenced Jun 7, 2024
Open
Open
Open
@Josegutierrez69 Josegutierrez69 mentioned this pull request Jun 9, 2024
Open
@ibolton336 ibolton336 mentioned this pull request Jul 22, 2024
Merged
stefan0509 pushed a commit to stefan0509/milliorn-recipes-react that referenced this pull request Jul 29, 2024
@dependabot @milliorn
Bump axios from 1.5.1 to 1.6.5 (#388)
538181c 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [axios](https://github.com/axios/axios) from 1.5.1 to 1.6.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.5</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>ci:</strong> refactor notify action as a job of publish
action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)
(<a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li>
<li><strong>dns:</strong> fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)
(<a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+41/-6
([#6176](axios/axios#6176)
[#6175](axios/axios#6175) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+6/-1 ()">Jay</a></li>
</ul>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
<h2>Release v1.6.3</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Regular Expression Denial of Service (ReDoS) (<a
href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>)
(<a
href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+15/-6 ([#6145](axios/axios#6145)
)">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/WillianAgostini" title="+17/-2
([#6132](axios/axios#6132) )">Willian
Agostini</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+3/-0
([#6084](axios/axios#6084) )">Dmitriy
Mozgovoy</a></li>
</ul>
<h2>Release v1.6.2</h2>
<h2>Release notes:</h2>
<h3>Features</h3>
<ul>
<li><strong>withXSRFToken:</strong> added withXSRFToken option as a
workaround to achieve the old <code>withCredentials</code> behavior; (<a
href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>)
(<a
href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li>
</ul>
<h3>PRs</h3>
<ul>
<li>feat(withXSRFToken): added withXSRFToken option as a workaround to
achieve the old `withCredentials` behavior; ( <a
href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a>
)</li>
</ul>
<pre><code>
📢 This PR added &amp;#x27;withXSRFToken&amp;#x27; option as a
replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the
old behavior.
This functionality is considered as a fix.
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.4...v1.6.5">1.6.5</a>
(2024-01-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>ci:</strong> refactor notify action as a job of publish
action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)
(<a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li>
<li><strong>dns:</strong> fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)
(<a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+41/-6
([#6176](axios/axios#6176)
[#6175](axios/axios#6175) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+6/-1 ()">Jay</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.2...v1.6.3">1.6.3</a>
(2023-12-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Regular Expression Denial of Service (ReDoS) (<a
href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>)
(<a
href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+15/-6 ([#6145](axios/axios#6145)
)">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/WillianAgostini" title="+17/-2
([#6132](axios/axios#6132) )">Willian
Agostini</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+3/-0
([#6084](axios/axios#6084) )">Dmitriy
Mozgovoy</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.1...v1.6.2">1.6.2</a>
(2023-11-14)</h2>
<h3>Features</h3>
<ul>
<li><strong>withXSRFToken:</strong> added withXSRFToken option as a
workaround to achieve the old <code>withCredentials</code> behavior; (<a
href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>)
(<a
href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li>
</ul>
<h3>PRs</h3>
<ul>
<li>feat(withXSRFToken): added withXSRFToken option as a workaround to
achieve the old `withCredentials` behavior; ( <a
href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a>
)</li>
</ul>
<pre><code>&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/6d4c421ee157d93b47f3f9082a7044b1da221461"><code>6d4c421</code></a>
chore(release): v1.6.5 (<a
href="https://redirect.github.com/axios/axios/issues/6177">#6177</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c"><code>0736f95</code></a>
fix(ci): refactor notify action as a job of publish action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be"><code>f4f2b03</code></a>
fix(dns): fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/1f73dcbbe0bb37f9e9908abb46a3c252536655c8"><code>1f73dcb</code></a>
docs: update sponsor links</li>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>Additional commits viewable in <a
href="https://github.com/axios/axios/compare/v1.5.1...v1.6.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.5.1&new-version=1.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Scott Milliorn <scottmilliorn@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Scott Milliorn <scottmilliorn@gmail.com>
manudeli added a commit to toss/suspensive that referenced this pull request Aug 3, 2024
@manudeli @dependabot
chore(deps): Bump axios from 1.6.3 to 1.6.4 (#549)
0c2e830 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
manudeli added a commit to toss/suspensive that referenced this pull request Aug 3, 2024
@manudeli
chore(deps): Bump axios from 1.6.3 to 1.6.4 (#549)
4199c4a 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
manudeli added a commit to toss/suspensive that referenced this pull request Aug 3, 2024
@manudeli @dependabot
chore(deps): Bump axios from 1.6.3 to 1.6.4 (#549)
06506c2 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
manudeli added a commit to toss/suspensive that referenced this pull request Aug 3, 2024
@manudeli
chore(deps): Bump axios from 1.6.3 to 1.6.4 (#549)
791f5d2 
Bumps [axios](https://github.com/axios/axios) from 1.6.3 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>See full diff in <a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.3&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
heap-coder added a commit to heap-coder/explorer that referenced this pull request Sep 27, 2025
@heap-coder @dependabot
chore(deps): bump axios from 1.5.1 to 1.6.5 (#911)
f6956a1 
Bumps [axios](https://github.com/axios/axios) from 1.5.1 to 1.6.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/releases">axios's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.6.5</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>ci:</strong> refactor notify action as a job of publish
action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)
(<a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li>
<li><strong>dns:</strong> fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)
(<a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+41/-6
([#6176](axios/axios#6176)
[#6175](axios/axios#6175) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+6/-1 ()">Jay</a></li>
</ul>
<h2>Release v1.6.4</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
<h2>Release v1.6.3</h2>
<h2>Release notes:</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Regular Expression Denial of Service (ReDoS) (<a
href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>)
(<a
href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+15/-6 ([#6145](axios/axios#6145)
)">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/WillianAgostini" title="+17/-2
([#6132](axios/axios#6132) )">Willian
Agostini</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+3/-0
([#6084](axios/axios#6084) )">Dmitriy
Mozgovoy</a></li>
</ul>
<h2>Release v1.6.2</h2>
<h2>Release notes:</h2>
<h3>Features</h3>
<ul>
<li><strong>withXSRFToken:</strong> added withXSRFToken option as a
workaround to achieve the old <code>withCredentials</code> behavior; (<a
href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>)
(<a
href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li>
</ul>
<h3>PRs</h3>
<ul>
<li>feat(withXSRFToken): added withXSRFToken option as a workaround to
achieve the old `withCredentials` behavior; ( <a
href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a>
)</li>
</ul>
<pre><code>
📢 This PR added &amp;#x27;withXSRFToken&amp;#x27; option as a
replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the
old behavior.
This functionality is considered as a fix.
&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.4...v1.6.5">1.6.5</a>
(2024-01-05)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>ci:</strong> refactor notify action as a job of publish
action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)
(<a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li>
<li><strong>dns:</strong> fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)
(<a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+41/-6
([#6176](axios/axios#6176)
[#6175](axios/axios#6175) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+6/-1 ()">Jay</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a>
(2024-01-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>security:</strong> fixed formToJSON prototype pollution
vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)
(<a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li>
<li><strong>security:</strong> fixed security vulnerability in
follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)
(<a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+34/-6 ()">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+34/-3
([#6172](axios/axios#6172)
[#6167](axios/axios#6167) )">Dmitriy
Mozgovoy</a></li>
<li><!-- raw HTML omitted --> <a href="https://github.com/gnesher"
title="+10/-10 ([#6163](axios/axios#6163)
)">Guy Nesher</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.2...v1.6.3">1.6.3</a>
(2023-12-26)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Regular Expression Denial of Service (ReDoS) (<a
href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>)
(<a
href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li>
</ul>
<h3>Contributors to this release</h3>
<ul>
<li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman"
title="+15/-6 ([#6145](axios/axios#6145)
)">Jay</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/WillianAgostini" title="+17/-2
([#6132](axios/axios#6132) )">Willian
Agostini</a></li>
<li><!-- raw HTML omitted --> <a
href="https://github.com/DigitalBrainJS" title="+3/-0
([#6084](axios/axios#6084) )">Dmitriy
Mozgovoy</a></li>
</ul>
<h2><a
href="https://github.com/axios/axios/compare/v1.6.1...v1.6.2">1.6.2</a>
(2023-11-14)</h2>
<h3>Features</h3>
<ul>
<li><strong>withXSRFToken:</strong> added withXSRFToken option as a
workaround to achieve the old <code>withCredentials</code> behavior; (<a
href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>)
(<a
href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li>
</ul>
<h3>PRs</h3>
<ul>
<li>feat(withXSRFToken): added withXSRFToken option as a workaround to
achieve the old `withCredentials` behavior; ( <a
href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a>
)</li>
</ul>
<pre><code>&lt;/tr&gt;&lt;/table&gt; 
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/axios/axios/commit/6d4c421ee157d93b47f3f9082a7044b1da221461"><code>6d4c421</code></a>
chore(release): v1.6.5 (<a
href="https://redirect.github.com/axios/axios/issues/6177">#6177</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c"><code>0736f95</code></a>
fix(ci): refactor notify action as a job of publish action; (<a
href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be"><code>f4f2b03</code></a>
fix(dns): fixed lookup error handling; (<a
href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/1f73dcbbe0bb37f9e9908abb46a3c252536655c8"><code>1f73dcb</code></a>
docs: update sponsor links</li>
<li><a
href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a>
chore(release): v1.6.4 (<a
href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a>
chore(ci): fix notify action; (<a
href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a>
fix(security): fixed formToJSON prototype pollution vulnerability; (<a
href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a>
fix(security): fixed security vulnerability in follow-redirects (<a
href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li>
<li><a
href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a>
docs: update logos</li>
<li><a
href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a>
docs: updated headline sponsors</li>
<li>Additional commits viewable in <a
href="https://github.com/axios/axios/compare/v1.5.1...v1.6.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.5.1&new-version=1.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Oct 27, 2025
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jasonsaayman jasonsaayman jasonsaayman approved these changes

+5 more reviewers

@wjkawecki wjkawecki wjkawecki approved these changes

@dabrad26 dabrad26 dabrad26 approved these changes

@AbdelrahmanHafez AbdelrahmanHafez AbdelrahmanHafez approved these changes

@Philip-Carneiro-KX Philip-Carneiro-KX Philip-Carneiro-KX approved these changes

@Myszko-wr Myszko-wr Myszko-wr approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.