[Snyk] Security upgrade axios from 1.13.5 to 1.15.0

[posit-snyk-bot]

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• extensions/positron-supervisor/package.json
• extensions/positron-supervisor/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Unintended Proxy or Intermediary ('Confused Deputy') SNYK-JS-AXIOS-15965856	306
	HTTP Response Splitting SNYK-JS-AXIOS-15969258	247

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[github-actions]

E2E Tests 🚀
This PR will run tests tagged with: @:critical

^{readme  valid tags}

[juliasilge]

@jmcphers can you evaluate if we can/should take this version bump?

[jmcphers]

The last time we took an Axios bump, it caused a pretty major regression (see notes on #11937) so this needs to be evaluated carefully.

[jmcphers]

I don't think we should take this as-is:

• the PR doesn't even compile because Snyk bot didn't build the lock file correctly (it appears from CI results)
• Axios 1.15.0 is old news and 1.15.2 is out yesterday which has even more security fixes (seriously reconsidering our choice to depend on axios)