fix(deps): update npm-non-major - abandoned#1051
Conversation
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
✅ Supply Chain Verification Results✅ PASSED 📦 SBOM Summary
🔍 Vulnerability Scan
📎 Artifacts
Generated by Supply Chain Verification workflow • View Details |
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
7fc6b9a to
129f695
Compare
Autoclosing SkippedThis PR has been flagged for autoclosing. However, it is being skipped due to the branch being already modified. Please close/delete it manually or report a bug if you think this is in error. |
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
|
@renovate rebase |
This PR contains the following updates:
^5.100.14→^5.101.01.16.1→1.17.0Release Notes
TanStack/query (@tanstack/react-query)
v5.101.0Compare Source
Patch Changes
axios/axios (axios)
v1.17.0Compare Source
v1.17.0 — June 1, 2026
This release adds Node HTTP zstd decompression, hardens config and release workflows, and fixes authentication, header, proxy, and type-handling regressions.
🔒 Security Fixes
socketPath,params, andparamsSerializerreads with own-property checks to prevent inherited prototype values from affecting request behavior, including SSRF-sensitive paths. (#10901, #10922)🚀 New Features
transitional.advertiseZstdAcceptEncodingcontrolling whetherzstdis advertised inAccept-Encoding. (#6792, #10920)🐛 Bug Fixes
httpsAgentTLS options when tunneling HTTPS requests through HTTP CONNECT proxies. (#10957)Content-Typefor React NativeFormDataso multipart boundaries can be generated correctly. (#10898)resolveConfigfrom an arrow default export to a named function export to avoid webpack and Babel transform interop failures. (#10891)AxiosHeaders.toJSON()return types and updated CommonJSisCanceltypings to narrow toCanceledError<T>. (#10956, #10952)Authorizationheader from the GitHub build helper whenGITHUB_TOKENis unset. (#10931)🔧 Maintenance & Chores
Http2Sessionsinto its own helper module and added direct unit coverage for session pooling, timeout, and cleanup behavior. (#10861)filesallowlist and dropping unneeded unminified bundle source maps. (#10939)fs-extra,qs, docs dependencies, and GitHub Actions dependencies includingactions/dependency-review-actionandzizmorcore/zizmor-action. (#10871, #10879, #10918, #10919, #10934, #10947, #10954, #10960)🌟 New Contributors
We are thrilled to welcome our new contributors. Thank you for helping improve axios:
Full Changelog
Configuration
📅 Schedule: (in timezone America/New_York)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.