From 4a98ccf770aaee10e0df67b33e237a6586e3757e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 25 May 2023 08:56:46 +0000
Subject: [PATCH] fix(deps): bump axios from 0.27.2 to 1.4.0 (#269)
Bumps [axios](https://github.com/axios/axios) from 0.27.2 to 1.4.0.
Release notes
Sourced from axios's releases.
Release v1.4.0
Release notes:
Bug Fixes
- formdata: add
multipart/form-data content type for FormData payload on custom client environments; (#5678) (bbb61e7)
- package: export package internals with unsafe path prefix; (#5677) (df38c94)
Features
- dns: added support for a custom lookup function; (#5339) (2701911)
- types: export
AxiosHeaderValue type. (#5525) (726f1c8)
Performance Improvements
- merge-config: optimize mergeConfig performance by avoiding duplicate key visits; (#5679) (e6f7053)
Contributors to this release
Release v1.3.6
Release notes:
Bug Fixes
- types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
- utils: make isFormData detection logic stricter to avoid unnecessary calling of the
toString method on the target; (#5661) (aa372f7)
Contributors to this release
Release v1.3.5
Release notes:
Bug Fixes
- headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
- params: re-added the ability to set the function as
paramsSerializer config; (#5633) (a56c866)
Contributors to this release
Release v1.3.4
Release notes:
Bug Fixes
... (truncated)
Changelog
Sourced from axios's changelog.
1.4.0 (2023-04-27)
Bug Fixes
- formdata: add
multipart/form-data content type for FormData payload on custom client environments; (#5678) (bbb61e7)
- package: export package internals with unsafe path prefix; (#5677) (df38c94)
Features
- dns: added support for a custom lookup function; (#5339) (2701911)
- types: export
AxiosHeaderValue type. (#5525) (726f1c8)
Performance Improvements
- merge-config: optimize mergeConfig performance by avoiding duplicate key visits; (#5679) (e6f7053)
Contributors to this release
1.3.6 (2023-04-19)
Bug Fixes
- types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
- utils: make isFormData detection logic stricter to avoid unnecessary calling of the
toString method on the target; (#5661) (aa372f7)
Contributors to this release
1.3.5 (2023-04-05)
Bug Fixes
- headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
- params: re-added the ability to set the function as
paramsSerializer config; (#5633) (a56c866)
Contributors to this release
... (truncated)
Commits
21a5ad3 chore(release): v1.4.0 (#5683)d627610 chore(utils): refactored isAsyncFn util to avoid inlining additional Babel he...e18fdd8 refactor: remove deprecated url-search-params polyfill for URLSearchParams (#...726f1c8 feat(types): export AxiosHeaderValue type. (#5525)2701911 feat(dns): added support for a custom lookup function; (#5339)e6f7053 perf(merge-config): optimize mergeConfig performance by avoiding duplicate ke...bbb61e7 fix(formdata): add multipart/form-data content type for FormData payload on...df38c94 fix(package): export package internals with unsafe path prefix; (#5677)59eb991 chore(release): v1.3.6 (#5666)1b8cc3b chore(template): improve issue template; (#5665)- Additional commits viewable in compare view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
---
package-lock.json | 34 +++++++++++++++++++++++-----------
package.json | 2 +-
2 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 7e50325..1a694d6 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,7 +10,7 @@
"license": "MIT",
"dependencies": {
"@relaycorp/relaynet-core": "< 2",
- "axios": "^0.27.2"
+ "axios": "^1.4.0"
},
"devDependencies": {
"@relaycorp/shared-config": "^1.9.1",
@@ -1767,12 +1767,13 @@
"integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
},
"node_modules/axios": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz",
- "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==",
+ "version": "1.4.0",
+ "resolved": "https://registry.npmjs.org/axios/-/axios-1.4.0.tgz",
+ "integrity": "sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA==",
"dependencies": {
- "follow-redirects": "^1.14.9",
- "form-data": "^4.0.0"
+ "follow-redirects": "^1.15.0",
+ "form-data": "^4.0.0",
+ "proxy-from-env": "^1.1.0"
}
},
"node_modules/babel-jest": {
@@ -5384,6 +5385,11 @@
"node": ">= 6"
}
},
+ "node_modules/proxy-from-env": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+ "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
+ },
"node_modules/punycode": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz",
@@ -7808,12 +7814,13 @@
"integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
},
"axios": {
- "version": "0.27.2",
- "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz",
- "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==",
+ "version": "1.4.0",
+ "resolved": "https://registry.npmjs.org/axios/-/axios-1.4.0.tgz",
+ "integrity": "sha512-S4XCWMEmzvo64T9GfvQDOXgYRDJ/wsSZc7Jvdgx5u1sd0JwsuPLqb3SYmusag+edF6ziyMensPVqLTSc1PiSEA==",
"requires": {
- "follow-redirects": "^1.14.9",
- "form-data": "^4.0.0"
+ "follow-redirects": "^1.15.0",
+ "form-data": "^4.0.0",
+ "proxy-from-env": "^1.1.0"
}
},
"babel-jest": {
@@ -10478,6 +10485,11 @@
"sisteransi": "^1.0.5"
}
},
+ "proxy-from-env": {
+ "version": "1.1.0",
+ "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+ "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
+ },
"punycode": {
"version": "2.1.1",
"resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz",
diff --git a/package.json b/package.json
index ba679ce..0d8b870 100644
--- a/package.json
+++ b/package.json
@@ -44,7 +44,7 @@
},
"dependencies": {
"@relaycorp/relaynet-core": "< 2",
- "axios": "^0.27.2"
+ "axios": "^1.4.0"
},
"devDependencies": {
"@relaycorp/shared-config": "^1.9.1",