[Snyk] Upgrade axios from 1.7.9 to 1.13.2 #2069
Conversation
Snyk has created this PR to upgrade axios from 1.7.9 to 1.13.2. See this package in yarn: axios See this project in Snyk: https://app.snyk.io/org/cboard/project/d8988709-12b3-418a-b44c-fca27f9b400c?utm_source=github&utm_medium=referral&page=upgrade-pr
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| "@redux-beacon/logger": "^1.0.0", | ||
| "@redux-beacon/offline-web": "^1.0.0", | ||
| "axios": "^1.7.8", | ||
| "axios": "^1.13.2", |
There was a problem hiding this comment.
The dependency bump in package.json now requires axios ^1.13.2, but package-lock.json still declares axios ^1.7.8 and resolves to 1.7.9 (e.g., lines 23 and 7449–7455), so npm ci/npm install with the lockfile will either fail due to the mismatch or keep installing 1.7.9, leaving the upgrade ineffective for npm-based workflows.
Useful? React with 👍 / 👎.
Snyk has created this PR to upgrade axios from 1.7.9 to 1.13.2.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 14 versions ahead of your current version.
The recommended version was released a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-MONGOOSE-8623536
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: