[PR #62] [CLOSED] chore(deps): bump axios from 1.6.1 to 1.6.5 #76

Closed
opened 2026-02-15 23:17:09 -05:00 by yindo · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/run-llama/chat-llamaindex/pull/62
Author: @dependabot[bot]
Created: 1/8/2024
Status: Closed

Base: developHead: dependabot/npm_and_yarn/develop/axios-1.6.5


📝 Commits (1)

  • 0fde5c4 chore(deps): bump axios from 1.6.1 to 1.6.5

📊 Changes

2 files changed (+8 additions, -8 deletions)

View changed files

📝 package.json (+1 -1)
📝 pnpm-lock.yaml (+7 -7)

📄 Description

Bumps axios from 1.6.1 to 1.6.5.

Release notes

Sourced from axios's releases.

Release v1.6.5

Release notes:

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

Release v1.6.4

Release notes:

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

Release v1.6.3

Release notes:

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

Release v1.6.2

Release notes:

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
</tr></table> 

... (truncated)

Changelog

Sourced from axios's changelog.

1.6.5 (2024-01-05)

Bug Fixes

  • ci: refactor notify action as a job of publish action; (#6176) (0736f95)
  • dns: fixed lookup error handling; (#6175) (f4f2b03)

Contributors to this release

1.6.4 (2024-01-03)

Bug Fixes

  • security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
  • security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)

Contributors to this release

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
</tr></table> 

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/run-llama/chat-llamaindex/pull/62 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 1/8/2024 **Status:** ❌ Closed **Base:** `develop` ← **Head:** `dependabot/npm_and_yarn/develop/axios-1.6.5` --- ### 📝 Commits (1) - [`0fde5c4`](https://github.com/run-llama/chat-llamaindex/commit/0fde5c468d92affdce2400d0075e0a0a7911d9cf) chore(deps): bump axios from 1.6.1 to 1.6.5 ### 📊 Changes **2 files changed** (+8 additions, -8 deletions) <details> <summary>View changed files</summary> 📝 `package.json` (+1 -1) 📝 `pnpm-lock.yaml` (+7 -7) </details> ### 📄 Description Bumps [axios](https://github.com/axios/axios) from 1.6.1 to 1.6.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/releases">axios's releases</a>.</em></p> <blockquote> <h2>Release v1.6.5</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>ci:</strong> refactor notify action as a job of publish action; (<a href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>) (<a href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li> <li><strong>dns:</strong> fixed lookup error handling; (<a href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>) (<a href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+41/-6 ([#6176](https://github.com/axios/axios/issues/6176) [#6175](https://github.com/axios/axios/issues/6175) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+6/-1 ()">Jay</a></li> </ul> <h2>Release v1.6.4</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li><strong>security:</strong> fixed formToJSON prototype pollution vulnerability; (<a href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>) (<a href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li> <li><strong>security:</strong> fixed security vulnerability in follow-redirects (<a href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>) (<a href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+34/-6 ()">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+34/-3 ([#6172](https://github.com/axios/axios/issues/6172) [#6167](https://github.com/axios/axios/issues/6167) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/gnesher" title="+10/-10 ([#6163](https://github.com/axios/axios/issues/6163) )">Guy Nesher</a></li> </ul> <h2>Release v1.6.3</h2> <h2>Release notes:</h2> <h3>Bug Fixes</h3> <ul> <li>Regular Expression Denial of Service (ReDoS) (<a href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>) (<a href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+15/-6 ([#6145](https://github.com/axios/axios/issues/6145) )">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/WillianAgostini" title="+17/-2 ([#6132](https://github.com/axios/axios/issues/6132) )">Willian Agostini</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+3/-0 ([#6084](https://github.com/axios/axios/issues/6084) )">Dmitriy Mozgovoy</a></li> </ul> <h2>Release v1.6.2</h2> <h2>Release notes:</h2> <h3>Features</h3> <ul> <li><strong>withXSRFToken:</strong> added withXSRFToken option as a workaround to achieve the old <code>withCredentials</code> behavior; (<a href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>) (<a href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li> </ul> <h3>PRs</h3> <ul> <li>feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( <a href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a> )</li> </ul> <pre><code> 📢 This PR added &amp;#x27;withXSRFToken&amp;#x27; option as a replacement for old withCredentials behaviour. You should now use withXSRFToken along with withCredential to get the old behavior. This functionality is considered as a fix. &lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/axios/axios/blob/v1.x/CHANGELOG.md">axios's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/axios/axios/compare/v1.6.4...v1.6.5">1.6.5</a> (2024-01-05)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>ci:</strong> refactor notify action as a job of publish action; (<a href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>) (<a href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c">0736f95</a>)</li> <li><strong>dns:</strong> fixed lookup error handling; (<a href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>) (<a href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be">f4f2b03</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+41/-6 ([#6176](https://github.com/axios/axios/issues/6176) [#6175](https://github.com/axios/axios/issues/6175) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+6/-1 ()">Jay</a></li> </ul> <h2><a href="https://github.com/axios/axios/compare/v1.6.3...v1.6.4">1.6.4</a> (2024-01-03)</h2> <h3>Bug Fixes</h3> <ul> <li><strong>security:</strong> fixed formToJSON prototype pollution vulnerability; (<a href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>) (<a href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e">3c0c11c</a>)</li> <li><strong>security:</strong> fixed security vulnerability in follow-redirects (<a href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>) (<a href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8">75af1cd</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+34/-6 ()">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+34/-3 ([#6172](https://github.com/axios/axios/issues/6172) [#6167](https://github.com/axios/axios/issues/6167) )">Dmitriy Mozgovoy</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/gnesher" title="+10/-10 ([#6163](https://github.com/axios/axios/issues/6163) )">Guy Nesher</a></li> </ul> <h2><a href="https://github.com/axios/axios/compare/v1.6.2...v1.6.3">1.6.3</a> (2023-12-26)</h2> <h3>Bug Fixes</h3> <ul> <li>Regular Expression Denial of Service (ReDoS) (<a href="https://redirect.github.com/axios/axios/issues/6132">#6132</a>) (<a href="https://github.com/axios/axios/commit/5e7ad38fb0f819fceb19fb2ee5d5d38f56aa837d">5e7ad38</a>)</li> </ul> <h3>Contributors to this release</h3> <ul> <li><!-- raw HTML omitted --> <a href="https://github.com/jasonsaayman" title="+15/-6 ([#6145](https://github.com/axios/axios/issues/6145) )">Jay</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/WillianAgostini" title="+17/-2 ([#6132](https://github.com/axios/axios/issues/6132) )">Willian Agostini</a></li> <li><!-- raw HTML omitted --> <a href="https://github.com/DigitalBrainJS" title="+3/-0 ([#6084](https://github.com/axios/axios/issues/6084) )">Dmitriy Mozgovoy</a></li> </ul> <h2><a href="https://github.com/axios/axios/compare/v1.6.1...v1.6.2">1.6.2</a> (2023-11-14)</h2> <h3>Features</h3> <ul> <li><strong>withXSRFToken:</strong> added withXSRFToken option as a workaround to achieve the old <code>withCredentials</code> behavior; (<a href="https://redirect.github.com/axios/axios/issues/6046">#6046</a>) (<a href="https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc">cff9967</a>)</li> </ul> <h3>PRs</h3> <ul> <li>feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( <a href="https://api.github.com/repos/axios/axios/pulls/6046">#6046</a> )</li> </ul> <pre><code>&lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/axios/axios/commit/6d4c421ee157d93b47f3f9082a7044b1da221461"><code>6d4c421</code></a> chore(release): v1.6.5 (<a href="https://redirect.github.com/axios/axios/issues/6177">#6177</a>)</li> <li><a href="https://github.com/axios/axios/commit/0736f95ce8776366dc9ca569f49ba505feb6373c"><code>0736f95</code></a> fix(ci): refactor notify action as a job of publish action; (<a href="https://redirect.github.com/axios/axios/issues/6176">#6176</a>)</li> <li><a href="https://github.com/axios/axios/commit/f4f2b039dd38eb4829e8583caede4ed6d2dd59be"><code>f4f2b03</code></a> fix(dns): fixed lookup error handling; (<a href="https://redirect.github.com/axios/axios/issues/6175">#6175</a>)</li> <li><a href="https://github.com/axios/axios/commit/1f73dcbbe0bb37f9e9908abb46a3c252536655c8"><code>1f73dcb</code></a> docs: update sponsor links</li> <li><a href="https://github.com/axios/axios/commit/8790b8e7847c7f450544e7195c837ffc10fcb160"><code>8790b8e</code></a> chore(release): v1.6.4 (<a href="https://redirect.github.com/axios/axios/issues/6173">#6173</a>)</li> <li><a href="https://github.com/axios/axios/commit/0ad520de0f087b7e012e432660e44631be7f689e"><code>0ad520d</code></a> chore(ci): fix notify action; (<a href="https://redirect.github.com/axios/axios/issues/6172">#6172</a>)</li> <li><a href="https://github.com/axios/axios/commit/3c0c11cade045c4412c242b5727308cff9897a0e"><code>3c0c11c</code></a> fix(security): fixed formToJSON prototype pollution vulnerability; (<a href="https://redirect.github.com/axios/axios/issues/6167">#6167</a>)</li> <li><a href="https://github.com/axios/axios/commit/75af1cdff5b3a6ca3766d3d3afbc3115bb0811b8"><code>75af1cd</code></a> fix(security): fixed security vulnerability in follow-redirects (<a href="https://redirect.github.com/axios/axios/issues/6163">#6163</a>)</li> <li><a href="https://github.com/axios/axios/commit/90864b3a3fb52ede567f7dd70b055f1f45c162ef"><code>90864b3</code></a> docs: update logos</li> <li><a href="https://github.com/axios/axios/commit/1542719bc7300f885df202942eff986a3d826372"><code>1542719</code></a> docs: updated headline sponsors</li> <li>Additional commits viewable in <a href="https://github.com/axios/axios/compare/v1.6.1...v1.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=axios&package-manager=npm_and_yarn&previous-version=1.6.1&new-version=1.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
yindo added the pull-request label 2026-02-15 23:17:09 -05:00
yindo closed this issue 2026-02-15 23:17:09 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: run-llama/chat-llamaindex#76