whatsapp-api
whatsapp-api copied to clipboard
Published
20 hours ago •
chrishubert
chrishubert
[Snyk] Upgrade axios from 1.6.7 to 1.7.4
Snyk has created this PR to upgrade axios from 1.6.7 to 1.7.4.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
-
The recommended version is 9 versions ahead of your current version.
-
The recommended version was released on 21 days ago.
Issues fixed by the recommended upgrade:
| Issue | Score | Exploit Maturity | |
|---|---|---|---|
 |
Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-7361793 |
432 | Proof of Concept |
 |
Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610 |
432 | Proof of Concept |
Release notes
Package name: axios
-
1.7.4 - 2024-08-13
Release notes:
Bug Fixes
- sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
- sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)
Contributors to this release
-
1.7.3 - 2024-08-01
Release notes:
Bug Fixes
- adapter: fix progress event emitting; (#6518) (e3c76fc)
- fetch: fix withCredentials request config (#6505) (85d4d0e)
- xhr: return original config on errors from XHR adapter (#6515) (8966ee7)
Contributors to this release
-
1.7.2 - 2024-05-21
Release notes:
Bug Fixes
Contributors to this release
-
1.7.1 - 2024-05-20
Release notes:
Bug Fixes
- fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)
Contributors to this release
-
1.7.0 - 2024-05-19
Release notes:
Features
Bug Fixes
Contributors to this release
-
1.7.0-beta.2 - 2024-05-19
Release notes:
Bug Fixes
- fetch: capitalize HTTP method names; (#6395) (ad3174a)
- fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
- fetch: fix headers getting from a stream response; (#6401) (870e0a7)
Contributors to this release
-
1.7.0-beta.1 - 2024-05-07
Release notes:
Bug Fixes
- core/axios: handle un-writable error stack (#6362) (81e0455)
- fetch: fix cases when ReadableStream or Response.body are not available; (#6377) (d1d359d)
- fetch: treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; (#6380) (bb5f9a5)
Contributors to this release
Install
npm i axios@next -
1.7.0-beta.0 - 2024-04-28
Release notes:
Features
Contributors to this release
Install
npm i axios@next -
1.6.8 - 2024-03-15
Release notes:
Bug Fixes
- AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
- import: use named export for EventEmitter; (7320430)
- vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)
Contributors to this release
- 1.6.7 - 2024-01-25
[!IMPORTANT]
- Check the changes in this PR to ensure they won't cause issues with your project.
- This PR was automatically created by Snyk using the credentials of a real user.
- Max score is 1000. Note that the real score may have changed since the PR was raised.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
