-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency axios to v0.28.0 [SECURITY] #600
base: master
Are you sure you want to change the base?
Conversation
Terraform Format and Style 🖌
|
d06d5ab
to
832dea7
Compare
832dea7
to
683f2a3
Compare
683f2a3
to
fb9ff26
Compare
This PR contains the following updates:
0.27.2
->0.28.0
GitHub Vulnerability Alerts
CVE-2023-45857
An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information.
Release Notes
axios/axios (axios)
v0.28.0
Compare Source
Release notes:
Bug Fixes
withXSRFToken
option to v0.x (#6091)Backports from v1.x:
axios.formToJSON
method (#4735)url-encoded-form
serializer to respect theformSerializer
config (#4721)string[]
toAxiosRequestHeaders
type (#4322)AxiosError
stack capturing; (#4718)AxiosError
status code type; (#4717)blob
to the list of protocols supported by the browser (#4678)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.