This repository has been archived by the owner on Sep 27, 2022. It is now read-only.
[Snyk] Upgrade axios from 0.18.1 to 0.21.1 #71
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade axios from 0.18.1 to 0.21.1. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/podarok/project/6044d276-123a-47f6-bc56-2337e11f649d?utm_source=github&utm_medium=upgrade-pr
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to upgrade axios from 0.18.1 to 0.21.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-AXIOS-1038255
Why? Proof of Concept exploit, Has a fix available, CVSS 5.9
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
0.21.1 - 2020-12-22
- Hotfix: Prevent SSRF (#3410)
- Protocol not parsed when setting proxy config from env vars (#3070)
- Updating axios in types to be lower case (#2797)
- Adding a type guard for
- Remove the skipping of the
- Use different socket for Win32 test (#3375)
- Daniel Lopretto timemachine3030@users.noreply.github.com
- Jason Kwok JasonHK@users.noreply.github.com
- Jay jasonsaayman@gmail.com
- Jonathan Foster jonathan@jonathanfoster.io
- Remco Haszing remcohaszing@gmail.com
- Xianming Zhong chinesedfan@qq.com
-
0.21.0 - 2020-10-23
- Fixing requestHeaders.Authorization (#3287)
- Fixing node types (#3237)
- Fixing axios.delete ignores config.data (#3282)
- Revert "Fixing overwrite Blob/File type as Content-Type in browser. (#1773)" (#3289)
- Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (#3200)
- Lock travis to not use node v15 (#3361)
- Fixing simple typo, existant -> existent (#3252)
- Fixing typos (#3309)
- Allan Cruz 57270969+Allanbcruz@users.noreply.github.com
- George Cheng Gerhut@GMail.com
- Jay jasonsaayman@gmail.com
- Kevin Kirsche Kev.Kirsche+GitHub@gmail.com
- Remco Haszing remcohaszing@gmail.com
- Taemin Shin cprayer13@gmail.com
- Tim Gates tim.gates@iress.com
- Xianming Zhong chinesedfan@qq.com
-
0.20.0 - 2020-08-21
-
0.20.0-0 - 2020-07-15
-
0.19.2 - 2020-01-22
- Remove unnecessary XSS check (#2679) (see (#2646) for discussion)
-
0.19.1 - 2020-01-07
- Fixing invalid agent issue (#1904)
- Fix ignore set withCredentials false (#2582)
- Delete useless default to hash (#2458)
- Fix HTTP/HTTPs agents passing to follow-redirect (#1904)
- Fix ignore set withCredentials false (#2582)
- Fix CI build failure (#2570)
- Remove dependency on is-buffer from package.json (#1816)
- Adding options typings (#2341)
- Adding Typescript HTTP method definition for LINK and UNLINK. (#2444)
- Update dist with newest changes, fixes Custom Attributes issue
- Change syntax to see if build passes (#2488)
- Update Webpack + deps, remove now unnecessary polyfills (#2410)
- Fix to prevent XSS, throw an error when the URL contains a JS script (#2464)
- Add custom timeout error copy in config (#2275)
- Add error toJSON example (#2466)
- Fixing Vulnerability A Fortify Scan finds a critical Cross-Site Scrip… (#2451)
- Fixing subdomain handling on no_proxy (#2442)
- Make redirection from HTTP to HTTPS work ([#2426](https://github.com/axios/axios/pull/2426] and (#2547)
- Add toJSON property to AxiosError type (#2427)
- Fixing socket hang up error on node side for slow response. (#1752)
- Alternative syntax to send data into the body (#2317)
- Fixing custom config options (#2207)
- Fixing set
- Axios create url bug (#2290)
- Do not modify config.url when using a relative baseURL (resolves #1628) (#2391)
- Add typescript HTTP method definition for LINK and UNLINK (#2444)
- Revert "Update Webpack + deps, remove now unnecessary polyfills" (#2479)
- Order of if/else blocks is causing unit tests mocking XHR. (#2201)
- Add license badge (#2446)
- Fix travis CI build #2386
- Fix cancellation error on build master. #2290 #2207 (#2407)
- Fixing typo in CHANGELOG.md: s/Functionallity/Functionality (#2639)
- Fix badge, use master branch (#2538)
- Fix typo in changelog #2193
- Document fix (#2514)
- Update docs with no_proxy change, issue #2484 (#2513)
- Fixing missing words in docs template (#2259)
- 🐛Fix request finally documentation in README (#2189)
- updating spelling and adding link to docs (#2212)
- docs: minor tweak (#2404)
- Update response interceptor docs (#2399)
- Update README.md (#2504)
- Fix word 'sintaxe' to 'syntax' in README.md (#2432)
- upadating README: notes on CommonJS autocomplete (#2256)
- Fix grammar in README.md (#2271)
- Doc fixes, minor examples cleanup (#2198)
-
0.19.0 - 2019-05-30
-
0.19.0-beta.1 - 2018-08-09
- Add getUri method (#1712)
- Add support for no_proxy env variable (#1693)
- Add toJSON to decorated Axios errors to faciliate serialization (#1625)
- Add second then on axios call (#1623)
- Typings: allow custom return types
- Add option to specify character set in responses (with http adapter)
- Fix Keep defaults local to instance (#385)
- Correctly catch exception in http test (#1475)
- Fix accept header normalization (#1698)
- Fix http adapter to allow HTTPS connections via HTTP (#959)
- Fix Removes usage of deprecated Buffer constructor. (#1555, #1622)
- Fix defaults to use httpAdapter if available (#1285)
- Fixing defaults to use httpAdapter if available
- Use a safer, cross-platform method to detect the Node environment
- Fix Reject promise if request is cancelled by the browser (#537)
- [Typescript] Fix missing type parameters on delete/head methods
- [NS]: Send
- Fix missing type parameters on delete/head
- Fix Default method for an instance always overwritten by get
- Fix type error when socketPath option in AxiosRequestConfig
- Capture errors on request data streams
- Decorate resolve and reject to clear timeout in all cases
-
0.18.1 - 2019-06-01
- Destroy stream on exceeding maxContentLength (fixes #1098) (#1485) - Gadzhi Gadzhiev
from axios GitHub release notes0.21.1 (December 21, 2020)
Fixes and Functionality:
AxiosError(#2949)Internal and Tests:
sockethttp test (#3364)Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
0.21.0 (October 23, 2020)
Fixes and Functionality:
Internal and Tests:
Documentation:
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
Release of 0.20.0-pre as a full release with no other changes.
Read more
Fixes and Functionality:
config.methodafter mergeConfig for Axios.prototype.request (#2383)Internal:
Documentation:
Read more
NOTE: This is a beta version of this release. There may be functionality that is broken in
certain browsers, though we suspect that builds are hanging and not erroring. See
https://saucelabs.com/u/axios for the most up-to-date information.
New Functionality:
Fixes:
falseflag isStandardBrowserEnv for NativescriptSecurity Fix:
Commit messages
Package name: axios
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs