Notion-Blog-React
Notion-Blog-React copied to clipboard
okisdev
Update dependency axios to v1.6.0 [SECURITY]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| axios (source) | 1.4.0 -> 1.6.0 |
GitHub Vulnerability Alerts
CVE-2023-45857
An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
Release Notes
axios/axios (axios)
v1.6.0
Bug Fixes
- CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
- dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
- types: fix AxiosHeaders types; (#5931) (a1c8ad0)
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release
1.5.1 (2023-09-26)
Bug Fixes
- adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
- formdata: fixed automatic addition of the
Content-Typeheader for FormData in non-browser environments; (#5917) (bc9af51) - headers: allow
content-encodingheader to handle case-insensitive values (#5890) (#5892) (4c89f25) - types: removed duplicated code (9e62056)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
v1.5.1
Bug Fixes
- adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
- formdata: fixed automatic addition of the
Content-Typeheader for FormData in non-browser environments; (#5917) (bc9af51) - headers: allow
content-encodingheader to handle case-insensitive values (#5890) (#5892) (4c89f25) - types: removed duplicated code (9e62056)
Contributors to this release
v1.5.0
Bug Fixes
- adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837) (9a414bb)
- dns: fixed
cacheable-lookupintegration; (#5836) (b3e327d) - headers: added support for setting header names that overlap with class methods; (#5831) (d8b4ca0)
- headers: fixed common Content-Type header merging; (#5832) (8fda276)
Features
- export getAdapter function (#5324) (ca73eb8)
- export: export adapters without
unsafeprefix (#5839) (1601f4a)
Contributors to this release
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Updated (UTC) |
|---|---|---|---|
| notion-blog-react | ✅ Ready (Inspect) | Visit Preview | Feb 21, 2024 4:12am |
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}