Bump "axios" package version

[updateclibot]

Bump "axios" package version

Bump "axios" package version to 1.15.0

ran shell command "npm install --package-lock-only --dry-run=$DRY_RUN axios@1.15.0"

v1.15.0

This release delivers two critical security patches, adds runtime support for Deno and Bun, and includes significant CI hardening, documentation improvements, and routine dependency updates.

## ⚠️ Important Changes

* **Deprecation:** `url.parse()` usage has been replaced to address Node.js deprecation warnings. If you are on a recent version of Node.js, this resolves console warnings you may have been seeing. (__#10625__)

## 🔒 Security Fixes

* **Proxy Handling:** Fixed a `no_proxy` hostname normalisation bypass that could lead to Server-Side Request Forgery (SSRF). (__#10661__)
* **Header Injection:** Fixed an unrestricted cloud metadata exfiltration vulnerability via a header injection chain. (__#10660__)

## 🚀 New Features

* **Runtime Support:** Added compatibility checks and documentation for Deno and Bun environments. (__#10652__, __#10653__)

## 🔧 Maintenance & Chores

* **CI Security:** Hardened workflow permissions to least privilege, added the `zizmor` security scanner, pinned action versions, and gated npm publishing with OIDC and environment protection. (__#10618__, __#10619__, __#10627__, __#10637__, __#10666__)
* **Dependencies:** Bumped `serialize-javascript`, `handlebars`, `picomatch`, `vite`, and `denoland/setup-deno` to latest versions. Added a 7-day Dependabot cooldown period. (__#10574__, __#10572__, __#10568__, __#10663__, __#10664__, __#10665__, __#10669__, __#10670__, __#10616__)
* **Documentation:** Unified docs, improved `beforeRedirect` credential leakage example, clarified `withCredentials`/`withXSRFToken` behaviour, HTTP/2 support notes, async/await timeout error handling, header case preservation, and various typo fixes. (__#10649__, __#10624__, __#7452__, __#7471__, __#10654__, __#10644__, __#10589__)
* **Housekeeping:** Removed stale files, regenerated lockfile, and updated sponsor scripts and blocks. (__#10584__, __#10650__, __#10582__, __#10640__, __#10659__, __#10668__)
* **Tests:** Added regression coverage for urlencoded `Content-Type` casing. (__#10573__)

## 🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

* __@raashish1601__ (__#10573__)
* __@Kilros0817__ (__#10625__)
* __@ashstrc__ (__#10624__)
* __@Abhi3975__ (__#10589__)
* __@theamodhshetty__ (__#7452__)

GitHub Action workflow link

---

Created automatically by Updatecli Options: Most of Updatecli configuration is done via its manifest(s). If you close this pull request, Updatecli will automatically reopen it, the next time it runs. If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made. Feel free to report any issues at github.com/updatecli/updatecli. If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!