Skip to content

[Snyk] Security upgrade axios from 1.13.2 to 1.13.5#3765

Open
dlobo wants to merge 1 commit intomasterfrom
snyk-fix-4f9a787ec5f351932fa0810f3cc118e8
Open

[Snyk] Security upgrade axios from 1.13.2 to 1.13.5#3765
dlobo wants to merge 1 commit intomasterfrom
snyk-fix-4f9a787ec5f351932fa0810f3cc118e8

Conversation

@dlobo
Copy link
Copy Markdown
Contributor

@dlobo dlobo commented Feb 12, 2026

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

  • package.json
  • yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

Issue
high severity Prototype Pollution
SNYK-JS-AXIOS-15252993

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Feb 12, 2026

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch snyk-fix-4f9a787ec5f351932fa0810f3cc118e8

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Copy Markdown

github-actions bot commented Feb 12, 2026

🚀 Deployed on https://deploy-preview-3765--glific-frontend.netlify.app

@github-actions github-actions bot temporarily deployed to pull request February 12, 2026 03:07 Inactive
@codecov
Copy link
Copy Markdown

codecov bot commented Feb 12, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.79%. Comparing base (e5e04b4) to head (bb7da91).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #3765      +/-   ##
==========================================
- Coverage   82.84%   82.79%   -0.06%     
==========================================
  Files         320      320              
  Lines       11997    11997              
  Branches     2524     2524              
==========================================
- Hits         9939     9933       -6     
- Misses       1300     1304       +4     
- Partials      758      760       +2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@cypress
Copy link
Copy Markdown

cypress bot commented Feb 12, 2026

Glific    Run #7258

Run Properties:  status check failed Failed #7258  •  git commit 208852df91 ℹ️: Merge bb7da91d6bf4a03fc6d98eca14924c6157382b4e into e5e04b4398871550b6eb5c098a5b...
Project Glific
Branch Review snyk-fix-4f9a787ec5f351932fa0810f3cc118e8
Run status status check failed Failed #7258
Run duration 28m 46s
Commit git commit 208852df91 ℹ️: Merge bb7da91d6bf4a03fc6d98eca14924c6157382b4e into e5e04b4398871550b6eb5c098a5b...
Committer Donald A Lobo
View all properties for this run ↗︎
Test results
Tests that failed  Failures 1
Tests that were flaky  Flaky 3
Tests that did not run due to a developer annotating a test with .skip  Pending 0
Tests that did not run due to a failure in a mocha hook  Skipped 0
Tests that passed  Passing 190
View all changes introduced in this branch ↗︎

Tests for review

Failed  cypress/e2e/notification/notification.spec.ts • 1 failed test

View Output

Test Artifacts
Notification list > arrow should redirect to the particular page Test Replay Screenshots
Flakiness  auth/Logout.spec.ts • 1 flaky test

View Output

Test Artifacts
Logout > should logout correctly Test Replay Screenshots
Flakiness  chat/ChatCollection.spec.ts • 1 flaky test

View Output

Test Artifacts
ChatCollection > should send the emoji to collection Test Replay Screenshots
Flakiness  roles/staff/chat/Chat.spec.ts • 1 flaky test

View Output

Test Artifacts
Role - Staff - Chats > should send the message correctly Test Replay Screenshots

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dlobo @snyk-bot