fix(deps): update dependency axios to v0.21.1 [security] - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
axios	0.21.0 -> 0.21.1

GitHub Vulnerability Alerts

CVE-2020-28168

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

---

Release Notes

axios/axios

v0.21.1

Compare Source

0.21.1 (December 21, 2020)

Fixes and Functionality:

• Hotfix: Prevent SSRF (#​3410)
• Protocol not parsed when setting proxy config from env vars (#​3070)
• Updating axios in types to be lower case (#​2797)
• Adding a type guard for AxiosError (#​2949)

Internal and Tests:

• Remove the skipping of the socket http test (#​3364)
• Use different socket for Win32 test (#​3375)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Daniel Lopretto mailto:timemachine3030@​users.noreply.github.com
• Jason Kwok mailto:JasonHK@users.noreply.github.com
• Jay mailto:jasonsaayman@gmail.com
• Jonathan Foster mailto:jonathan@jonathanfoster.io
• Remco Haszing mailto:remcohaszing@gmail.com
• Xianming Zhong mailto:chinesedfan@qq.com

---

Renovate configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by WhiteSource Renovate. View repository job log here.