@shadabbuchh
Contributor

Description

https://github.com/appsmithorg/appsmith-ee/security/dependabot/438

Fixes CVE-2025-58754

```
client % yarn why axios
├─ appsmith-rts@workspace:packages/rts
│  └─ axios@npm:1.12.2 (via npm:^1.12.0)
│
├─ appsmith@workspace:.
│  └─ axios@npm:1.12.2 (via npm:^1.12.0)
│
└─ wait-on@npm:7.2.0
   └─ axios@npm:1.12.2 (via npm:^1.12.0)
```

Automation

/ok-to-test tags="@tag.All"

🔍 Cypress test results

Tip

🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
Workflow run:
https://github.com/appsmithorg/appsmith/actions/runs/18520882251
Commit: 59f9b9b
Cypress dashboard.
Tags: @tag.All
Spec:


Wed, 15 Oct 2025 08:31:04 UTC

Communication

Should the DevRel and Marketing teams inform users about this change?

  • Yes
  • No

Summary by CodeRabbit

  • Chores
  • Updated axios to ^1.12.0 across the client, including the RTS package and resolution map, ensuring consistent dependency versions.
  • Improves overall stability and compatibility by incorporating upstream fixes and enhancements.
    • Reduces the risk of dependency conflicts in the client workspace.
    • No user-facing behavior changes are expected.
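
A check a reviewer could run against the `yarn why axios` output quoted in the description, to confirm that no copy of axios, including the one pulled in transitively by wait-on, resolves below the 1.12.0 floor of the new range. This is an added example, not code from the PR or the Appsmith repository; the function names and the `PATCHED_FLOOR` constant are assumptions made for illustration.

```javascript
// Added example: checks every resolved copy of a package in `yarn why` output
// against a minimum patched version. Not part of the Appsmith repository.

// Floor assumed from the "^1.12.0" range this PR pins for CVE-2025-58754.
const PATCHED_FLOOR = "1.12.0";

// `yarn why axios` output as quoted in the PR description.
const PR_OUTPUT = `
├─ appsmith-rts@workspace:packages/rts
│  └─ axios@npm:1.12.2 (via npm:^1.12.0)
│
├─ appsmith@workspace:.
│  └─ axios@npm:1.12.2 (via npm:^1.12.0)
│
└─ wait-on@npm:7.2.0
   └─ axios@npm:1.12.2 (via npm:^1.12.0)
`;

// Returns one record per resolved copy: which dependent pulled it in, and at what version.
function parseYarnWhy(text, pkg) {
  const escaped = pkg.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
  const depLine = new RegExp("^" + escaped + "@npm:(\\S+)\\s+\\(via npm:(.+)\\)$");
  const found = [];
  let parent = null;
  for (const raw of text.split("\n")) {
    const line = raw.replace(/^[\s│├└─]+/, "").trimEnd(); // drop tree-drawing characters
    if (!line) continue;
    const m = line.match(depLine);
    if (m) found.push({ parent, version: m[1], range: m[2] });
    else parent = line; // any other non-empty line names the dependent
  }
  return found;
}

// Numeric comparison of plain x.y.z versions (so 1.9.9 sorts below 1.12.0).
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Fails closed: pre-release or otherwise non x.y.z versions are reported for manual review.
function findUnpatched(text, pkg, floor) {
  return parseYarnWhy(text, pkg).filter(
    (r) => !/^\d+\.\d+\.\d+$/.test(r.version) || compareVersions(r.version, floor) < 0
  );
}

console.log(findUnpatched(PR_OUTPUT, "axios", PATCHED_FLOOR)); // []
```
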

@shadabbuchh shadabbuchh requested a review from btsgh October 23, 2025 07:22
@shadabbuchh shadabbuchh requested a review from riodeuno as a code owner October 23, 2025 07:22
@coderabbitai
Contributor

coderabbitai bot commented Oct 23, 2025

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

🗂️ Base branches to auto review (2)
  • pg
  • release

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.


Collaborator

@btsgh btsgh left a comment


Approving for promotion

@btsgh btsgh merged commit d18fd92 into master Oct 23, 2025
870 of 886 checks passed
3 participants