This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 0.23.0 to 0.27.2.
i️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 7 versions ahead of your current version.
- The recommended version was released a year ago, on 2022年04月27日.
The recommended version fixes:
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
0.27.2 - 2022年04月27日
Fixes and Functionality:
- Fixed FormData posting in browser environment by reverting #3785 (#4640)
- Enhanced protocol parsing implementation (#4639)
- Fixed bundle size
-
0.27.1 - 2022年04月26日
Fixes and Functionality:
- Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)
- Bumped follow-redirects to ^1.14.9 (#4615)
-
0.27.0 - 2022年04月25日
Breaking changes:
- New toFormData helper function that allows the implementor to pass an object and allow axios to convert it to FormData (#3757)
- Removed functionality that removed the the
Content-Type request header when passing FormData (#3785)
- (*) Refactored error handling implementing AxiosError as a constructor, this is a large change to error handling on the whole (#3645)
- Separated responsibility for FormData instantiation between
transformRequest and toFormData (#4470)
- (*) Improved and fixed multiple issues with FormData support (#4448)
QOL and DevX improvements:
- Added a multipart/form-data testing playground allowing contributors to debug changes easily (#4465)
Fixes and Functionality:
- Refactored project file structure to avoid circular imports (#4515) & (#4516)
- Bumped follow-redirects to ^1.14.9 (#4562)
Internal and Tests:
- Updated dev dependencies to latest version
Documentation:
- Fixing incorrect link in changelog (#4551)
Notes:
- (*) Please read these pull requests before updating, these changes are very impactful and far reaching.
-
0.26.1 - 2022年03月09日
Fixes and Functionality:
- Refactored project file structure to avoid circular imports (#4220)
-
0.26.0 - 2022年02月13日
Fixes and Functionality:
- Fixed The timeoutErrorMessage property in config not work with Node.js (#3581)
- Added errors to be displayed when the query parsing process itself fails (#3961)
- Fix/remove url required (#4426)
- Update follow-redirects dependency due to Vulnerability (#4462)
- Bump karma from 6.3.11 to 6.3.14 (#4461)
- Bump follow-redirects from 1.14.7 to 1.14.8 (#4473)
-
0.25.0 - 2022年01月18日
Breaking changes:
- Fixing maxBodyLength enforcement (#3786)
- Don't rely on strict mode behaviour for arguments (#3470)
- Adding error handling when missing url (#3791)
- Update isAbsoluteURL.js removing escaping of non-special characters (#3809)
- Use native Array.isArray() in utils.js (#3836)
- Adding error handling inside stream end callback (#3967)
Fixes and Functionality:
- Added aborted even handler (#3916)
- Header types expanded allowing
boolean and number types (#4144)
- Fix cancel signature allowing cancel message to be
undefined (#3153)
- Updated type checks to be formulated better (#3342)
- Avoid unnecessary buffer allocations (#3321)
- Adding a socket handler to keep TCP connection live when processing long living requests (#3422)
- Added toFormData helper function (#3757)
- Adding responseEncoding prop type in AxiosRequestConfig (#3918)
Internal and Tests:
- Adding axios-test-instance to ecosystem (#3786)
- Optimize the logic of isAxiosError (#3546)
- Add tests and documentation to display how multiple inceptors work (#3564)
- Updating follow-redirects to version 1.14.7 (#4379)
Documentation:
- Fixing changelog to show corrext pull request (#4219)
- Update upgrade guide for https proxy setting (#3604)
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
-
0.24.0 - 2021年10月25日
Breaking changes:
- Revert: change type of AxiosResponse to any, please read lengthy discussion here: (#4141) pull request: (#4186)
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
-
0.23.0 - 2021年10月12日
Breaking changes:
- Distinguish request and response data types (#4116)
- Change never type to unknown (#4142)
- Fixed TransitionalOptions typings (#4147)
Fixes and Functionality:
- Adding globalObject: 'this' to webpack config (#3176)
- Adding insecureHTTPParser type to AxiosRequestConfig (#4066)
- Fix missing semicolon in typings (#4115)
- Fix response headers types (#4136)
Internal and Tests:
- Improve timeout error when timeout is browser default (#3209)
- Fix node version on CI (#4069)
- Added testing to TypeScript portion of project (#4140)
Documentation:
- Rename Angular to AngularJS (#4114)
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
from axios GitHub release notes
Commit messages
Package name: axios
- bc733fe Releasing v0.27.2
- b9e9fb4 Enhanced protocol parsing implementation to fix #4633; (#4639)
- 76432c1 Fixed FormData posting in browser environment by reverting #3785; (#4640)
- 82fd15f Combined build process and cleaned it up a bit
- 1d82af1 Fixing issues with bundle sizes
- bcb166e Fixed incorrect date in changelog
- 838f53b Merge branch 'master' of github.com:axios/axios
- cb9c534 Releasing v0.27.1
- 91d21fc Releasing v0.72.1
- 167cb8b Remove eslint-g package as this seems have been added in error
- 4f7e3e3 Removed import of url module in browser build due to significant size overhead; (#4594)
- cdd7add Fixed date on chnagelog
- f94dda9 Bump async from 2.6.3 to 2.6.4 (#4615)
- 008dd9d Releaseing version 0.27.0
- ee151a7 Revert some changes that are only required when we actually release
- 499d3be follow-redirects to ^1.14.9 (#4562)
- d24ce8e Updated a number of out of date dev packages
- 5b0d492 Bump minimist from 1.2.5 to 1.2.6 (#4574)
- cdda1ad Merge branch 'carpben-env-form-data'
- 3e0954d Fixed merge conflicts
- a3dd603 Merge branch 'Tivix-fix#1603'
- 9b8e004 Merge branch 'fix#1603' of https://github.com/Tivix/axios into Tivix-fix#1603
- 1f13dd7 Fixed some imports that were not correct
- 8699891 Fixed merge conflicts
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade axios from 0.23.0 to 0.27.2.
i️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version fixes:
SNYK-JS-FOLLOWREDIRECTS-2332181
Why? Proof of Concept exploit, CVSS 5.3
SNYK-JS-FOLLOWREDIRECTS-2396346
Why? Proof of Concept exploit, CVSS 5.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: axios
-
0.27.2 - 2022年04月27日
- Fixed FormData posting in browser environment by reverting #3785 (#4640)
- Enhanced protocol parsing implementation (#4639)
- Fixed bundle size
-
0.27.1 - 2022年04月26日
- Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)
- Bumped follow-redirects to ^1.14.9 (#4615)
-
0.27.0 - 2022年04月25日
- New toFormData helper function that allows the implementor to pass an object and allow axios to convert it to FormData (#3757)
- Removed functionality that removed the the
- (*) Refactored error handling implementing AxiosError as a constructor, this is a large change to error handling on the whole (#3645)
- Separated responsibility for FormData instantiation between
- (*) Improved and fixed multiple issues with FormData support (#4448)
- Added a multipart/form-data testing playground allowing contributors to debug changes easily (#4465)
- Refactored project file structure to avoid circular imports (#4515) & (#4516)
- Bumped follow-redirects to ^1.14.9 (#4562)
- Updated dev dependencies to latest version
- Fixing incorrect link in changelog (#4551)
- (*) Please read these pull requests before updating, these changes are very impactful and far reaching.
-
0.26.1 - 2022年03月09日
- Refactored project file structure to avoid circular imports (#4220)
-
0.26.0 - 2022年02月13日
- Fixed The timeoutErrorMessage property in config not work with Node.js (#3581)
- Added errors to be displayed when the query parsing process itself fails (#3961)
- Fix/remove url required (#4426)
- Update follow-redirects dependency due to Vulnerability (#4462)
- Bump karma from 6.3.11 to 6.3.14 (#4461)
- Bump follow-redirects from 1.14.7 to 1.14.8 (#4473)
-
0.25.0 - 2022年01月18日
- Fixing maxBodyLength enforcement (#3786)
- Don't rely on strict mode behaviour for arguments (#3470)
- Adding error handling when missing url (#3791)
- Update isAbsoluteURL.js removing escaping of non-special characters (#3809)
- Use native Array.isArray() in utils.js (#3836)
- Adding error handling inside stream end callback (#3967)
- Added aborted even handler (#3916)
- Header types expanded allowing
- Fix cancel signature allowing cancel message to be
- Updated type checks to be formulated better (#3342)
- Avoid unnecessary buffer allocations (#3321)
- Adding a socket handler to keep TCP connection live when processing long living requests (#3422)
- Added toFormData helper function (#3757)
- Adding responseEncoding prop type in AxiosRequestConfig (#3918)
- Adding axios-test-instance to ecosystem (#3786)
- Optimize the logic of isAxiosError (#3546)
- Add tests and documentation to display how multiple inceptors work (#3564)
- Updating follow-redirects to version 1.14.7 (#4379)
- Fixing changelog to show corrext pull request (#4219)
- Update upgrade guide for https proxy setting (#3604)
- Jay
- Rijk van Zanten
- Kohta Ito
- Brandon Faulkner
- Stefano Magni
- enofan
- Andrey Pechkurov
- Doowonee
- Emil Broman
- Remco Haszing
- Black-Hole
- Wolfram Kriesing
- Andrew Ovens
- Paulo Renato
- Ben Carp
- Hirotaka Tagawa
- 狼族小狈
- C. Lewis
- Felipe Carvalho
- Daniel
- Gustavo Sales
-
0.24.0 - 2021年10月25日
- Revert: change type of AxiosResponse to any, please read lengthy discussion here: (#4141) pull request: (#4186)
- Jay
- Rodry
- Remco Haszing
- Isaiah Thomason
-
0.23.0 - 2021年10月12日
- Distinguish request and response data types (#4116)
- Change never type to unknown (#4142)
- Fixed TransitionalOptions typings (#4147)
- Adding globalObject: 'this' to webpack config (#3176)
- Adding insecureHTTPParser type to AxiosRequestConfig (#4066)
- Fix missing semicolon in typings (#4115)
- Fix response headers types (#4136)
- Improve timeout error when timeout is browser default (#3209)
- Fix node version on CI (#4069)
- Added testing to TypeScript portion of project (#4140)
- Rename Angular to AngularJS (#4114)
- Jay
- Evan-Finkelstein
- Paweł Szymański
- Dobes Vandermeer
- Claas Augner
- Remco Haszing
- Evgeniy
- Dmitriy Mozgovoy
from axios GitHub release notesFixes and Functionality:
Fixes and Functionality:
Breaking changes:
Content-Typerequest header when passing FormData (#3785)transformRequestandtoFormData(#4470)QOL and DevX improvements:
Fixes and Functionality:
Internal and Tests:
Documentation:
Notes:
Fixes and Functionality:
Fixes and Functionality:
Breaking changes:
Fixes and Functionality:
booleanandnumbertypes (#4144)undefined(#3153)Internal and Tests:
Documentation:
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
Breaking changes:
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
Breaking changes:
Fixes and Functionality:
Internal and Tests:
Documentation:
Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:
Commit messages
Package name: axios
Compare
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs