Commit 25c5059
authored
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?v=4&size=40){kind=avatar}
chore(deps): bump axios from 1.13.2 to 1.13.5 in /webapp [skip ci]
Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.5.
Release notes
*Sourced from [axios's releases](https://github.com/axios/axios/releases).*
> v1.13.5
> -------
>
> Release 1.13.5
> --------------
>
> ### Highlights
>
> * **Security:** Fixed a potential **Denial of Service** issue involving the `__proto__` key in `mergeConfig`. (PR [#7369](https://redirect.github.com/axios/axios/pull/7369))
> * **Bug fix:** Resolved an issue where `AxiosError` could be missing the `status` field on and after **v1.13.3**. (PR [#7368](https://redirect.github.com/axios/axios/pull/7368))
>
> ### Changes
>
> #### Security
>
> * Fix Denial of Service via `__proto__` key in `mergeConfig`. (PR [#7369](https://redirect.github.com/axios/axios/pull/7369))
>
> #### Fixes
>
> * Fix/5657. (PR [#7313](https://redirect.github.com/axios/axios/pull/7313))
> * Ensure `status` is present in `AxiosError` on and after v1.13.3. (PR [#7368](https://redirect.github.com/axios/axios/pull/7368))
>
> #### Features / Improvements
>
> * Add input validation to `isAbsoluteURL`. (PR [#7326](https://redirect.github.com/axios/axios/pull/7326))
> * Refactor: bump minor package versions. (PR [#7356](https://redirect.github.com/axios/axios/pull/7356))
>
> #### Documentation
>
> * Clarify object-check comment. (PR [#7323](https://redirect.github.com/axios/axios/pull/7323))
> * Fix deprecated `Buffer` constructor usage and README formatting. (PR [#7371](https://redirect.github.com/axios/axios/pull/7371))
>
> #### CI / Maintenance
>
> * Chore: fix issues with YAML. (PR [#7355](https://redirect.github.com/axios/axios/pull/7355))
> * CI: update workflow YAMLs. (PR [#7372](https://redirect.github.com/axios/axios/pull/7372))
> * CI: fix run condition. (PR [#7373](https://redirect.github.com/axios/axios/pull/7373))
> * Dev deps: bump `karma-sourcemap-loader` from 0.3.8 to 0.4.0. (PR [#7360](https://redirect.github.com/axios/axios/pull/7360))
> * Chore(release): prepare release 1.13.5. (PR [#7379](https://redirect.github.com/axios/axios/pull/7379))
>
> ### New Contributors
>
> * [`@sachin11063`](https://github.com/sachin11063) (first contribution — PR [#7323](https://redirect.github.com/axios/axios/pull/7323))
> * [`@asmitha-16`](https://github.com/asmitha-16) (first contribution — PR [#7326](https://redirect.github.com/axios/axios/pull/7326))
>
> **Full Changelog:** <axios/axios@v1.13.4...v1.13.5>
>
> v1.13.4
> -------
>
> Overview
> --------
>
> The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.
>
> **Full Changelog**: [v1.13.3...v1.13.4](axios/axios@v1.13.3...v1.13.4)
>
> What's New in v1.13.4
> ---------------------
>
> ### Bug Fixes
>
> * **fix: issues with version 1.13.3** ([#7352](https://redirect.github.com/axios/axios/issues/7352)) ([ee90dfc](axios/axios@ee90dfc))
> + Fixed issues discovered in v1.13.3 release
... (truncated)
Changelog
*Sourced from [axios's changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md).*
> Changelog
> =========
>
> [1.13.3](axios/axios@v1.13.2...v1.13.3) (2026-01-20)
> -------------------------------------------------------------------------------
>
> ### Bug Fixes
>
> * **http2:** Use port 443 for HTTPS connections by default. ([#7256](https://redirect.github.com/axios/axios/issues/7256)) ([d7e6065](axios/axios@d7e6065))
> * **interceptor:** handle the error in the same interceptor ([#6269](https://redirect.github.com/axios/axios/issues/6269)) ([5945e40](axios/axios@5945e40))
> * main field in package.json should correspond to cjs artifacts ([#5756](https://redirect.github.com/axios/axios/issues/5756)) ([7373fbf](axios/axios@7373fbf))
> * **package.json:** add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build ([#5754](https://redirect.github.com/axios/axios/issues/5754)) ([b89217e](axios/axios@b89217e))
> * silentJSONParsing=false should throw on invalid JSON ([#7253](https://redirect.github.com/axios/axios/issues/7253)) ([#7257](https://redirect.github.com/axios/axios/issues/7257)) ([7d19335](axios/axios@7d19335))
> * turn AxiosError into a native error ([#5394](https://redirect.github.com/axios/axios/issues/5394)) ([#5558](https://redirect.github.com/axios/axios/issues/5558)) ([1c6a86d](axios/axios@1c6a86d))
> * **types:** add handlers to AxiosInterceptorManager interface ([#5551](https://redirect.github.com/axios/axios/issues/5551)) ([8d1271b](axios/axios@8d1271b))
> * **types:** restore AxiosError.cause type from unknown to Error ([#7327](https://redirect.github.com/axios/axios/issues/7327)) ([d8233d9](axios/axios@d8233d9))
> * unclear error message is thrown when specifying an empty proxy authorization ([#6314](https://redirect.github.com/axios/axios/issues/6314)) ([6ef867e](axios/axios@6ef867e))
>
> ### Features
>
> * add `undefined` as a value in AxiosRequestConfig ([#5560](https://redirect.github.com/axios/axios/issues/5560)) ([095033c](axios/axios@095033c))
> * add automatic minor and patch upgrades to dependabot ([#6053](https://redirect.github.com/axios/axios/issues/6053)) ([65a7584](axios/axios@65a7584))
> * add Node.js coverage script using c8 (closes [#7289](https://redirect.github.com/axios/axios/issues/7289)) ([#7294](https://redirect.github.com/axios/axios/issues/7294)) ([ec9d94e](axios/axios@ec9d94e))
> * added copilot instructions ([3f83143](axios/axios@3f83143))
> * compatibility with frozen prototypes ([#6265](https://redirect.github.com/axios/axios/issues/6265)) ([860e033](axios/axios@860e033))
> * enhance pipeFileToResponse with error handling ([#7169](https://redirect.github.com/axios/axios/issues/7169)) ([88d7884](axios/axios@88d7884))
> * **types:** Intellisense for string literals in a widened union ([#6134](https://redirect.github.com/axios/axios/issues/6134)) ([f73474d](axios/axios@f73474d)), closes [microsoft/TypeScript#33471](https://redirect.github.com//redirect.github.com/microsoft/TypeScript/issues/33471/issues/issuecomment-1376364329)
>
> ### Reverts
>
> * Revert "fix: silentJSONParsing=false should throw on invalid JSON ([#7253](https://redirect.github.com/axios/axios/issues/7253)) ([#7](https://redirect.github.com/axios/axios/issues/7)…" ([#7298](https://redirect.github.com/axios/axios/issues/7298)) ([a4230f5](axios/axios@a4230f5)), closes [#7253](https://redirect.github.com/axios/axios/issues/7253) [#7](https://redirect.github.com/axios/axios/issues/7) [#7298](https://redirect.github.com/axios/axios/issues/7298)
> * **deps:** bump peter-evans/create-pull-request from 7 to 8 in the github-actions group ([#7334](https://redirect.github.com/axios/axios/issues/7334)) ([2d6ad5e](axios/axios@2d6ad5e))
>
> ### Contributors to this release
>
> * [Ashvin Tiwari](https://github.com/ashvin2005 "+1752/-4 ([#7218](axios/axios#7218) [#7218](axios/axios#7218) )")
> * [Nikunj Mochi](https://github.com/mochinikunj "+940/-12 ([#7294](axios/axios#7294) [#7294](axios/axios#7294) )")
> * [Anchal Singh](https://github.com/imanchalsingh "+544/-102 ([#7169](axios/axios#7169) [#7185](axios/axios#7185) )")
> * [jasonsaayman](https://github.com/jasonsaayman "+317/-73 ([#7334](axios/axios#7334) [#7298](axios/axios#7298) )")
> * [Julian Dax](https://github.com/brodo "+99/-120 ([#5558](axios/axios#5558) )")
> * [Akash Dhar Dubey](https://github.com/AKASHDHARDUBEY "+167/-0 ([#7287](axios/axios#7287) [#7288](axios/axios#7288) )")
> * [Madhumita](https://github.com/madhumitaaa "+20/-68 ([#7198](axios/axios#7198) )")
> * [Tackoil](https://github.com/Tackoil "+80/-2 ([#6269](axios/axios#6269) )")
> * [Justin Dhillon](https://github.com/justindhillon "+41/-41 ([#6324](axios/axios#6324) [#6315](axios/axios#6315) )")
> * [Rudransh](https://github.com/Rudrxxx "+71/-2 ([#7257](axios/axios#7257) )")
> * [WuMingDao](https://github.com/WuMingDao "+36/-36 ([#7215](axios/axios#7215) )")
> * [codenomnom](https://github.com/codenomnom "+70/-0 ([#7201](axios/axios#7201) [#7201](axios/axios#7201) )")
> * [Nandan Acharya](https://github.com/Nandann018-ux "+60/-10 ([#7272](axios/axios#7272) )")
> * [Eric Dubé](https://github.com/KernelDeimos "+22/-40 ([#7042](axios/axios#7042) )")
> * [Tibor Pilz](https://github.com/tiborpilz "+40/-4 ([#5551](axios/axios#5551) )")
> * [Gabriel Quaresma](https://github.com/joaoGabriel55 "+31/-4 ([#6314](axios/axios#6314) )")
> * [Turadg Aleahmad](https://github.com/turadg "+23/-6 ([#6265](axios/axios#6265) )")
... (truncated)
Commits
* [`29f7542`](axios/axios@29f7542) chore(release): prepare release 1.13.5 ([#7379](https://redirect.github.com/axios/axios/issues/7379))
* [`431c3a3`](axios/axios@431c3a3) ci: fix run condition ([#7373](https://redirect.github.com/axios/axios/issues/7373))
* [`9ff3a78`](axios/axios@9ff3a78) ci: update ymls ([#7372](https://redirect.github.com/axios/axios/issues/7372))
* [`265b712`](axios/axios@265b712) docs: fix deprecated Buffer constructor and formatting issues in README ([#7371](https://redirect.github.com/axios/axios/issues/7371))
* [`475e75a`](axios/axios@475e75a) feat: add input validation to isAbsoluteURL ([#7326](https://redirect.github.com/axios/axios/issues/7326))
* [`28c7215`](axios/axios@28c7215) fix: Denial of Service via **proto** Key in mergeConfig ([#7369](https://redirect.github.com/axios/axios/issues/7369))
* [`04cf019`](axios/axios@04cf019) docs: clarify object check comment ([#7323](https://redirect.github.com/axios/axios/issues/7323))
* [`696fa75`](axios/axios@696fa75) fix: status is missing in AxiosError on and after v1.13.3 ([#7368](https://redirect.github.com/axios/axios/issues/7368))
* [`569f028`](axios/axios@569f028) fix: added a option to choose between legacy and the new request/response int...
* [`44b7c9f`](axios/axios@44b7c9f) chore(deps-dev): bump karma-sourcemap-loader ([#7360](https://redirect.github.com/axios/axios/issues/7360))
* Additional commits viewable in [compare view](axios/axios@v1.13.2...v1.13.5)
Maintainer changes
This version was pushed to npm by [GitHub Actions](<https://www.npmjs.com/~GitHub> Actions), a new releaser for axios since your current version.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)1 file changed
+11
-11
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments