
[Snyk] Upgrade axios from 0.27.2 to 0.30.2 #622

Open
macpro-snyk-service-account wants to merge 2 commits into master from snyk-upgrade-b9f16547059ed80d71dcb8aefb5b2efd

Conversation

@macpro-snyk-service-account (Collaborator)


Snyk has created this PR to upgrade axios from 0.27.2 to 0.30.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 6 versions ahead of your current version.

  • The recommended version was released 2 months ago.


Merge Risk: Medium

This upgrade to axios crosses multiple minor versions, introducing a notable breaking change in how proxy environment variables are handled starting in v0.28.0. While not an API signature change, it can unexpectedly alter request routing in environments where proxy variables are set.

Source: Package documentation
Recommendation: Verify application behavior in environments where npm_config_proxy or other proxy environment variables might be set before merging.

Notice 🤖: This content was generated using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.


Issues fixed by the recommended upgrade:

| Severity | Issue | Snyk ID | Score | Exploit Maturity |
| --- | --- | --- | --- | --- |
| High | Cross-site Request Forgery (CSRF) | SNYK-JS-AXIOS-6032459 | 258 | Proof of Concept |
| High | Improper Handling of Extra Parameters | SNYK-JS-FOLLOWREDIRECTS-6141137 | 258 | Proof of Concept |
| Medium | Regular Expression Denial of Service (ReDoS) | SNYK-JS-AXIOS-6124857 | 258 | Proof of Concept |
| Medium | Server-side Request Forgery (SSRF) | SNYK-JS-AXIOS-9292519 | 258 | Proof of Concept |
| Medium | Server-side Request Forgery (SSRF) | SNYK-JS-AXIOS-9403194 | 258 | No Known Exploit |
| Medium | Information Exposure | SNYK-JS-FOLLOWREDIRECTS-6444610 | 258 | Proof of Concept |
| Critical | Predictable Value Range from Previous Values | SNYK-JS-FORMDATA-10841150 | 258 | Proof of Concept |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade axios from 0.27.2 to 0.30.2.

See this package in yarn:
axios

See this project in Snyk:
https://app.snyk.io/org/macpro-macpro/project/77c22646-6ddf-417a-a629-defd670f4bc8?utm_source=github&utm_medium=referral&page=upgrade-pr
@macpro-snyk-service-account (Collaborator, Author) commented Dec 2, 2025

Snyk checks have passed. No issues have been found so far.

| Status | Scanner | Critical | High | Medium | Low | Total |
| --- | --- | --- | --- | --- | --- | --- |
| | Open Source Security | 0 | 0 | 0 | 0 | 0 issues |
| | Licenses | 0 | 0 | 0 | 0 | 0 issues |
| | Code Security | 0 | 0 | 0 | 0 | 0 issues |

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@macpro-snyk-service-account (Collaborator, Author)

Merge Risk: Medium

This upgrade includes a significant behavioral change in version 0.28.0 that may affect network requests in certain environments. Axios now automatically reads proxy settings from environment variables, which can cause requests to fail if a proxy is configured unexpectedly. Additionally, there are reports of changes to the default parameter serialization for GET requests.

Source: GitHub Issues
Recommendation: Manually test network requests, especially in environments that use proxy servers, before merging this upgrade.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@macpro-snyk-service-account (Collaborator, Author)

Merge Risk: Medium

This upgrade to axios includes behavioral changes in version 0.28.0 that may require attention. Specifically, there are changes to default proxy handling and URL parameter serialization that could affect applications in certain environments or with specific API request patterns.

Source: Package documentation
Recommendation: Review your network environment for proxy variables and test API calls that use complex objects in GET request parameters before merging.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

@macpro-snyk-service-account (Collaborator, Author)

Merge Risk: Medium

This upgrade includes a notable behavioral change in version 0.28.0 that may affect applications in specific network environments. Axios will now automatically use proxy settings from environment variables, which can lead to unexpected connection failures.

Highlights:

  • Automatic Proxy Configuration: Starting with v0.28.0, Axios automatically reads proxy settings from the npm_config_proxy environment variable. This can cause requests to fail in environments where this variable is set but should not be used by the application.

Source: Package documentation
Recommendation: Verify if your application runs in an environment where proxy-related environment variables are set. If so, test network connectivity thoroughly after the upgrade to ensure requests are not being unintentionally routed through a proxy.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
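The merge-risk notes above all recommend checking how requests will be routed once axios honours proxy environment variables, but give no way to do it. The following is an added example, not code from this PR, from axios or from Snyk: a self-contained, dependency-free approximation of the environment-based proxy lookup performed by the proxy-from-env library (the notes say 0.28.0 started reading these variables; the precedence order and NO_PROXY matching reproduced here are from memory and are an assumption to confirm against the library you ship). Run it with your real environment (`getProxyForUrl(url)` defaults to `process.env`) and the list of hosts your service talks to, and you get a table of which requests would silently start going through a proxy. The sample environment and hostnames are constructed for the demonstration.

```javascript
// Added example for this PR thread; not axios's or Snyk's code. Approximates the
// proxy-from-env lookup so you can audit which request URLs would be routed through
// a proxy once axios starts reading HTTP(S)_PROXY, npm_config_proxy and NO_PROXY.
// The lookup order and NO_PROXY matching are an assumption; verify against the library.

const DEFAULT_PORTS = { http: 80, https: 443, ftp: 21, ws: 80, wss: 443 };

// Environment lookup that accepts either case, as the proxy tooling does.
function getEnv(env, key) {
  return env[key.toLowerCase()] || env[key.toUpperCase()] || '';
}

// Returns false when NO_PROXY / npm_config_no_proxy excludes hostname:port.
function shouldProxy(env, hostname, port) {
  const noProxy = (getEnv(env, 'npm_config_no_proxy') || getEnv(env, 'no_proxy')).toLowerCase();
  if (!noProxy) return true;
  if (noProxy === '*') return false;
  return noProxy.split(/[,\s]/).every((entry) => {
    if (!entry) return true;
    const m = entry.match(/^(.+):(\d+)$/);
    let entryHost = m ? m[1] : entry;
    const entryPort = m ? parseInt(m[2], 10) : 0;
    if (entryPort && entryPort !== port) return true;            // port given but differs
    if (!/^[.*]/.test(entryHost)) return entryHost !== hostname;  // exact host match
    if (entryHost.charAt(0) === '*') entryHost = entryHost.slice(1); // "*.corp" -> ".corp"
    return !hostname.endsWith(entryHost);                         // suffix match
  });
}

// Resolve the proxy a request to `url` would use under `env`; '' means direct.
function getProxyForUrl(url, env = process.env) {
  let parsed;
  try { parsed = new URL(url); } catch (e) { return ''; }
  const proto = parsed.protocol.replace(/:$/, '');
  const hostname = parsed.hostname.toLowerCase();
  if (!hostname) return '';
  const port = parseInt(parsed.port, 10) || DEFAULT_PORTS[proto] || 0;
  if (!shouldProxy(env, hostname, port)) return '';
  let proxy =
    getEnv(env, `npm_config_${proto}_proxy`) ||
    getEnv(env, `${proto}_proxy`) ||
    getEnv(env, 'npm_config_proxy') ||   // the variable the Snyk notes single out
    getEnv(env, 'all_proxy');
  if (proxy && !proxy.includes('://')) proxy = `${proto}://${proxy}`;
  return proxy;
}

// Audit helper: one row per URL; `proxy` is null when the request goes direct.
function auditProxyRouting(urls, env) {
  return urls.map((url) => ({ url, proxy: getProxyForUrl(url, env) || null }));
}

// Constructed sample environment and URL list (hypothetical hosts, not from the PR).
const SAMPLE_ENV = {
  npm_config_proxy: 'http://npm-proxy.corp.example:3128',
  HTTPS_PROXY: 'http://egress.corp.example:8443',
  NO_PROXY: 'localhost,127.0.0.1,.internal.example,api.partner.example:8443',
};
const SAMPLE_URLS = [
  'https://api.example.com/v1/users',
  'http://api.example.com/v1/users',
  'http://localhost:3000/health',
  'https://db.internal.example/query',
  'https://api.partner.example:8443/hook',
  'https://api.partner.example/hook',
];

console.table(auditProxyRouting(SAMPLE_URLS, SAMPLE_ENV));
```

In the sample, the plain-HTTP call to api.example.com is the surprising row: no HTTP_PROXY is set, yet it is routed through the npm_config_proxy host that was only ever meant for `npm install`. That is the failure mode the notes describe, and it is invisible in a developer shell where the variable is absent but present in CI images and container base layers that configure npm through the environment.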
