[Snyk] Upgrade axios from 1.6.7 to 1.6.8 #202

chrishubert · 2024-04-17T01:01:27Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade axios from 1.6.7 to 1.6.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released a month ago, on 2024-03-15.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	432/1000 Why? Proof of Concept exploit, CVSS 6.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: axios

1.6.8 - 2024-03-15
Release notes:

Bug Fixes
- AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
- import: use named export for EventEmitter; (7320430)
- vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)
Contributors to this release
1.6.7 - 2024-01-25
Release notes:

Bug Fixes
- capture async stack only for rejections with native error objects; (#6203) (1a08f90)
Contributors to this release
- Dmitriy Mozgovoy
- zhoulixiang

from axios GitHub release notes

Commit messages

Package name: axios

ab3f0f9 chore(release): v1.6.8 (#6303)
2656612 fix(AxiosHeaders): fix AxiosHeaders conversion to an object during config merging (#6243)
7320430 fix(import): use named export for EventEmitter;
8786e0f fix(vulnerability): update follow-redirects to 1.15.6 (#6300)
d844227 chore: update and bump deps (#6238)
caa0625 docs: update README responseEncoding types (#6194)
41c4584 docs: Update README.md to point to current axios version in CDN links (#6196)
bf6974f chore(ci): add npm tag action; (#6231)