chore(deps): bump axios and snyk

[dependabot]

Removes axios. It's no longer used after updating ancestor dependency snyk. These dependencies need to be updated together.

Removes axios

Updates snyk from 1.534.0 to 1.1304.0

Release notes

Sourced from snyk's releases.

v1.1304.0

1.1304.0 (2026-04-09)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• aibom: Introduces the snyk aibom test command. (2978044)
• test, monitor, sbom: Introduce --maven-skip-wrapper flag to force the use of a globally installed mvn command. (0ee90ca, ff31066)
• general: Introduce explicit configuration for network retry max-attempts. (1fbdf38)
• container: Add deprecation warnings for -shaded-jars-depth and non-numeric values for --nested-jars-depth. (321b6f5)
• container: Extend support for java runtime binary scanning (b60473a)
• mcp: Improves auto-enable behavior for Snyk Code, promotes package health checks to stable. (5f5898f)
• redteam: Adds a vulnerability summary to scanned output. (52eaf5a)
• redteam: Add --json flag support for list commands, exhaustive and eager modes. (e962c4d)

Bug Fixes

• general: Fix printing JSON output on stdout when only --json-file-output is specified. (32f65f0)
• test: Fixes an issue where no files were uploaded when using --skip-unresolved. (71ca761)
• test: Prevents scan failures when Maven builds succeed with non-fatal errors. (b30db97)
• test: Fixes Go PackageURL generation and import path normalization for projects using replace directives. (7c7a366, ee7d72b)
• test: Improves SDK detection when host and SDK versions differ. (96d0817)
• test: Ensures project names are populated when scanning NuGet projects from repository root. (c043553)
• container: Snyk Container scans of tar files on Windows should now report vulnerabilities for Python application package files. (9b86790)
• container: Override packages with inaccurate pom.properties files (b60473a)
• test: Ensure Yarn workspace pacakges matches are actual members defined in the root package.json. (0dd6581)
• test: Fix increased scan times when testing Golang projects. (f2f5ba2)
• code: Snyk Code scans now return clearer error message and exit codes when testing unsupported projects (6f5b4e3)
• test: Fix a bug where aliased packages were being resolved with the target name insted of the alias for yarn projects. (dcbec6f)
• test: Fix a bug where Python packages with . characters in their name were incorrectly parsed to include - characters. (9a2a36e)
• deps: Updates dependencies to fix vulnerabilities:
  • CVE-2026-26996 (8e7873f)
  • CVE-2026-29786 (1a08533)
  • CVE-2026-31802 (1321575)
  • CVE-2025-69873 (8ff6aad)
  • CVE-2026-33186 (e98d9ef)
  • CVE-2026-32283 (d26e83f)
  • CVE-2026-29181 (f5418b6)

v1.1303.2

1.1303.2 (2026-03-23)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• redteam: Introducing Snyk Agent Red Teaming with attack profiles (fast, security, safety) via the new --profile flag, allowing users to select pre-configured sets of attack goals. (99e2953)
• redteam: New terminology for goals, strategies, and attacks to better describe Agent Red Teaming workflows. (99e2953)
• redteam: Tenant-based authentication using --tenant-id for routing Agent Red Teaming commands. (99e2953)

... (truncated)

Commits

• 28558dc Merge pull request #6711 from snyk/chore/update_rc_1.1304.0
• b3f5daa chore: update release notes
• 7a37b57 fix: add tests for container scanner updates
• 09fff83 fix: upgrade cli-extension-secrets to strip credentials from repo URLs and no...
• b01218d chore: Ensure to update tar in package.json
• a6f66e5 fix: Fix CVE-2026-32283
• eb24c0b fix: Fix multiple vulnerabilities
• b60473a fix: handles inproper pom properties files for jars
• 0370dd2 fix(ci): Avoid fetching sarif schema in tests
• 59ac528 chore: update dependencies
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by snyk-admin, a new releaser for snyk since your current version.

Install script changes

This version adds postinstall script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.