Skip to content

Update dependency axios to v1.13.6#429

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/axios-1.x
Open

Update dependency axios to v1.13.6#429
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/axios-1.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 1, 2026

This PR contains the following updates:

Package Change Age Confidence
axios (source) 1.13.51.13.6 age confidence
axios (source) 1.13.51.13.6 age confidence

Release Notes

axios/axios (axios)

v1.13.6

Compare Source

This release focuses on platform compatibility, error handling improvements, and code quality maintenance.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.

🚀 New Features

  • React Native Blob Support: Axios now includes support for React Native Blob objects. Thanks to @​moh3n9595 for the initial implementation. (#​5764)
  • Code Quality: Implemented prettier across the codebase and resolved associated formatting issues. (#​7385)

🐛 Bug Fixes

  • Environment Compatibility:

    • Fixed module exports for React Native and Browserify environments. (#​7386)
    • Added safe FormData detection for the WeChat Mini Program environment. (#​7324)

  • Error Handling:

    • AxiosError.message is now correctly enumerable. (#​7392)
    • AxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (#​7403)

🔧 Maintenance & Chores

🌟 New Contributors

We are thrilled to welcome our new contributors! Thank you for helping improve the project:

Full Changelog: v1.13.5...v1.13.6

v1.13.5

Compare Source

Release 1.13.5

Highlights
  • Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #​7369)
  • Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #​7368)
Changes
Security
  • Fix Denial of Service via __proto__ key in mergeConfig. (PR #​7369)
Fixes
  • Fix/5657. (PR #​7313)
  • Ensure status is present in AxiosError on and after v1.13.3. (PR #​7368)
Features / Improvements
  • Add input validation to isAbsoluteURL. (PR #​7326)
  • Refactor: bump minor package versions. (PR #​7356)
Documentation
  • Clarify object-check comment. (PR #​7323)
  • Fix deprecated Buffer constructor usage and README formatting. (PR #​7371)
CI / Maintenance
  • Chore: fix issues with YAML. (PR #​7355)
  • CI: update workflow YAMLs. (PR #​7372)
  • CI: fix run condition. (PR #​7373)
  • Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #​7360)
  • Chore(release): prepare release 1.13.5. (PR #​7379)
New Contributors

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Compare Source

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes
  • fix: issues with version 1.13.3 (#​7352) (ee90dfc)
    • Fixed issues discovered in v1.13.3 release
    • Cleaned up interceptor test files
    • Improved workflow configurations
Infrastructure & CI/CD

  • refactor: ci and build (#​7340) (8ff6c19)

    • Major refactoring of CI/CD workflows
    • Consolidated workflow files for better maintainability
    • Added mise configuration for the development environment
    • Improved sponsor block update automation
    • Enhanced issue and PR templates
    • Added automatic release notes generation
    • Implemented workflow cancellation for concurrent runs

  • chore: codegen and some updates to workflows (76cf77b)

    • Code generation improvements
    • Workflow optimisations

Migration Notes

Breaking Changes

None in this release.

Deprecations

None in this release.

Contributors

Thank you to all contributors who made this release possible! Special thanks to:

v1.13.3

Compare Source

Bug Fixes
  • http2: Use port 443 for HTTPS connections by default. (#​7256) (d7e6065)
  • interceptor: handle the error in the same interceptor (#​6269) (5945e40)
  • main field in package.json should correspond to cjs artifacts (#​5756) (7373fbf)
  • package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#​5754) (b89217e)
  • silentJSONParsing=false should throw on invalid JSON (#​7253) (#​7257) (7d19335)
  • turn AxiosError into a native error (#​5394) (#​5558) (1c6a86d)
  • types: add handlers to AxiosInterceptorManager interface (#​5551) (8d1271b)
  • types: restore AxiosError.cause type from unknown to Error (#​7327) (d8233d9)
  • unclear error message is thrown when specifying an empty proxy authorization (#​6314) (6ef867e)
Features
Reverts
Contributors to this release

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies label Mar 1, 2026
@renovate
Copy link
Contributor Author

renovate bot commented Mar 1, 2026

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: test/integration/package-lock.json
npm warn Unknown env config "store". This will stop working in the next major version of npm.
npm warn tarball tarball data for @sonar/scan@file:/tmp/renovate/repos/github/SonarSource/sonar-scanner-npm/build/sonar-scan-SNAPSHOT.tgz (null) seems to be corrupted. Trying again.
npm warn tarball tarball data for @sonar/scan@file:/tmp/renovate/repos/github/SonarSource/sonar-scanner-npm/build/sonar-scan-SNAPSHOT.tgz (null) seems to be corrupted. Trying again.
npm error code ENOENT
npm error syscall open
npm error path /tmp/renovate/repos/github/SonarSource/sonar-scanner-npm/build/sonar-scan-SNAPSHOT.tgz
npm error errno -2
npm error enoent ENOENT: no such file or directory, open '/tmp/renovate/repos/github/SonarSource/sonar-scanner-npm/build/sonar-scan-SNAPSHOT.tgz'
npm error enoent This is related to npm not being able to find a file.
npm error enoent
npm error A complete log of this run can be found in: /runner/cache/others/npm/_logs/2026-03-01T10_20_29_883Z-debug-0.log

@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 1, 2026

SonarQube reviewer guide

Review in SonarQube

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants