motia icon indicating copy to clipboard operation
motia copied to clipboard
verified publisher icon MotiaDev

chore(deps): bump axios to 1.12.0 and next to 15.4.7 - security updates

Open EthanThePhoenix38 opened this issue 3 months ago • 5 comments

Description

This PR updates critical dependencies to address security vulnerabilities detected by Dependabot. The updates include axios and Next.js across multiple directories.

Type of Change

  • [x] Bug fix (non-breaking change which fixes an issue)
  • [ ] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [x] Documentation update
  • [ ] Other (please describe):

Changes Made

  • Updated axios from 1.9.0 to 1.12.0 in root directory
  • Updated next from 15.3.2 to 15.4.7 in root directory
  • Updated next from 15.3.2 to 15.4.7 in /packages/docs directory
  • Fixed security vulnerabilities identified by Dependabot

Security Fixes

This update addresses security vulnerabilities in the following packages:

  • axios: Updated to version 1.12.0 to resolve security issues
  • next: Updated to version 15.4.7 to resolve security issues

Testing

  • [x] I have tested my changes locally
  • [ ] I have added tests that prove my fix is effective or that my feature works (if applicable)
  • [x] All existing tests pass

Additional Context

This is an automated security update generated by Dependabot and reviewed by Copilot. The changes are backward compatible and focus on security improvements without breaking existing functionality.

Release Notes:

Checklist

  • [x] My code follows the project's coding conventions
  • [x] I have performed a self-review of my own code
  • [ ] I have made corresponding changes to the documentation (if applicable)
  • [x] My changes generate no new warnings

EthanThePhoenix38 avatar Sep 25 '25 02:09 EthanThePhoenix38

@EthanThePhoenix38 is attempting to deploy a commit to the motia Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Sep 25 '25 02:09 vercel[bot]

Hey @EthanThePhoenix38 Thanks for your PR, We'll review this very soon and get back to you.

Thanks again.

rohitg00 avatar Sep 25 '25 05:09 rohitg00

Hi, What are the News?

EthanThePhoenix38 avatar Oct 16 '25 05:10 EthanThePhoenix38

⚠️ This PR is quite large (>1000 lines). Consider splitting it into smaller PRs for easier review.

github-actions[bot] avatar Nov 20 '25 20:11 github-actions[bot]

Hey @EthanThePhoenix38, I'm extremely sorry for missing your reply on this PR.

Please forgive me. I'm feeling like a very bad guy here.

Can you resolve the conflicts, we would love to address this PR quickly as possible.

Thanks

rohitg00 avatar Nov 20 '25 20:11 rohitg00

@EthanThePhoenix38 hey Ethan, can you resolve the conflicts? Once you have done that I'll merge your PR.

ytallo avatar Dec 06 '25 18:12 ytallo

@EthanThePhoenix38 the nextjs issue was already addressed. Please rebase your branch with main.

andersonleal avatar Dec 06 '25 18:12 andersonleal