fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
axios (source)	^1.5.0 -> ^1.7.7
date-fns	^3.5.0 -> ^3.6.0
vitest (source)	^1.5.0 -> ^1.6.0

---

Release Notes

axios/axios (axios)

v1.7.7

Compare Source

Bug Fixes

• fetch: fix stream handling in Safari by fallback to using a stream reader instead of an async iterator; (#​6584) (d198085)
• http: fixed support for IPv6 literal strings in url (#​5731) (364993f)

Contributors to this release

• Rishi556
• Dmitriy Mozgovoy

v1.7.6

Compare Source

Bug Fixes

• fetch: fix content length calculation for FormData payload; (#​6524) (085f568)
• fetch: optimize signals composing logic; (#​6582) (df9889b)

Contributors to this release

• Dmitriy Mozgovoy
• Jacques Germishuys
• kuroino721

v1.7.5

Compare Source

Bug Fixes

• adapter: fix undefined reference to hasBrowserEnv (#​6572) (7004707)
• core: add the missed implementation of AxiosError#status property; (#​6573) (6700a8a)
• core: fix ReferenceError: navigator is not defined for custom environments; (#​6567) (fed1a4b)
• fetch: fix credentials handling in Cloudflare workers (#​6533) (550d885)

Contributors to this release

• Dmitriy Mozgovoy
• Antonin Bas
• Hans Otto Wirtz

v1.7.4

Compare Source

Bug Fixes

• sec: CVE-2024-39338 (#​6539) (#​6543) (6b6b605)
• sec: disregard protocol-relative URL to remediate SSRF (#​6539) (07a661a)

Contributors to this release

• Lev Pachmanov
• Đỗ Trọng Hải

v1.7.3

Compare Source

Bug Fixes

• adapter: fix progress event emitting; (#​6518) (e3c76fc)
• fetch: fix withCredentials request config (#​6505) (85d4d0e)
• xhr: return original config on errors from XHR adapter (#​6515) (8966ee7)

Contributors to this release

• Dmitriy Mozgovoy
• Valerii Sidorenko
• prianYu

v1.7.2

Compare Source

Bug Fixes

• fetch: enhance fetch API detection; (#​6413) (4f79aef)

Contributors to this release

• Dmitriy Mozgovoy

v1.7.1

Compare Source

Bug Fixes

• fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#​6410) (733f15f)

Contributors to this release

• Dmitriy Mozgovoy

v1.7.0

Compare Source

Features

• adapter: add fetch adapter; (#​6371) (a3ff99b)

Bug Fixes

• core/axios: handle un-writable error stack (#​6362) (81e0455)

Contributors to this release

• Dmitriy Mozgovoy
• Jay
• Alexandre ABRIOUX

v1.6.8

Compare Source

Bug Fixes

• AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#​6243) (2656612)
• import: use named export for EventEmitter; (7320430)
• vulnerability: update follow-redirects to 1.15.6 (#​6300) (8786e0f)

Contributors to this release

• Jay
• Dmitriy Mozgovoy
• Mitchell
• Emmanuel
• Lucas Keller
• Aditya Mogili
• Miroslav Petrov

v1.6.7

Compare Source

Bug Fixes

• capture async stack only for rejections with native error objects; (#​6203) (1a08f90)

Contributors to this release

• Dmitriy Mozgovoy
• zhoulixiang

v1.6.6

Compare Source

Bug Fixes

• fixed missed dispatchBeforeRedirect argument (#​5778) (a1938ff)
• wrap errors to improve async stack trace (#​5987) (123f354)

Contributors to this release

• Ilya Priven
• Zao Soula

v1.6.5

Compare Source

Bug Fixes

• ci: refactor notify action as a job of publish action; (#​6176) (0736f95)
• dns: fixed lookup error handling; (#​6175) (f4f2b03)

Contributors to this release

• Dmitriy Mozgovoy
• Jay

v1.6.4

Compare Source

Bug Fixes

• security: fixed formToJSON prototype pollution vulnerability; (#​6167) (3c0c11c)
• security: fixed security vulnerability in follow-redirects (#​6163) (75af1cd)

Contributors to this release

• Jay
• Dmitriy Mozgovoy
• Guy Nesher

v1.6.3

Compare Source

Bug Fixes

• Regular Expression Denial of Service (ReDoS) (#​6132) (5e7ad38)

Contributors to this release

• Jay
• Willian Agostini
• Dmitriy Mozgovoy

v1.6.2

Compare Source

Features

• withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#​6046) (cff9967)

PRs

• feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #​6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

• Dmitriy Mozgovoy
• Ng Choon Khon (CK)
• Muhammad Noman

v1.6.1

Compare Source

Bug Fixes

• formdata: fixed content-type header normalization for non-standard browser environments; (#​6056) (dd465ab)
• platform: fixed emulated browser detection in node.js environment; (#​6055) (3dc8369)

Contributors to this release

• Dmitriy Mozgovoy
• Fabian Meyer

v1.6.0

Compare Source

Bug Fixes

• CSRF: fixed CSRF vulnerability CVE-2023-45857 (#​6028) (96ee232)
• dns: fixed lookup function decorator to work properly in node v20; (#​6011) (5aaff53)
• types: fix AxiosHeaders types; (#​5931) (a1c8ad0)

PRs

• CVE 2023 45857 ( #​6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

• Dmitriy Mozgovoy
• Valentin Panov
• Rinku Chaudhari

1.5.1 (2023-09-26)

Bug Fixes

• adapters: improved adapters loading logic to have clear error messages; (#​5919) (e410779)
• formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#​5917) (bc9af51)
• headers: allow content-encoding header to handle case-insensitive values (#​5890) (#​5892) (4c89f25)
• types: removed duplicated code (9e62056)

Contributors to this release

• Dmitriy Mozgovoy
• David Dallas
• Sean Sattler
• Mustafa Ateş Uzun
• Przemyslaw Motacki
• Michael Di Prisco

PRs

• CVE 2023 45857 ( #​6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

v1.5.1

Compare Source

Bug Fixes

• adapters: improved adapters loading logic to have clear error messages; (#​5919) (e410779)
• formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#​5917) (bc9af51)
• headers: allow content-encoding header to handle case-insensitive values (#​5890) (#​5892) (4c89f25)
• types: removed duplicated code (9e62056)

Contributors to this release

• Dmitriy Mozgovoy
• David Dallas
• Sean Sattler
• Mustafa Ateş Uzun
• Przemyslaw Motacki
• Michael Di Prisco

date-fns/date-fns (date-fns)

v3.6.0

Compare Source

On this release worked @​kossnocorp and @​world1dan. Also, thanks to @​seated for sponsoring me.

Fixed

• Fixed weeks in the Belarisuan locale's formatDistance.

Added

• Added CDN versions of modules compatible with older browsers. See the CDN guide.

vitest-dev/vitest (vitest)

v1.6.0

Compare Source

   🚀 Features

• Support standalone mode  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5565 (bdce0)
• Custom "snapshotEnvironment" option  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5449 (30f72)
• benchmark: Support comparing benchmark result  -  by @​hi-ogawa and @​sheremet-va in https:/vitest-dev/vitest/issues/5398 (f8d3d)
• browser: Allow injecting scripts  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5656 (21e58)
• reporter: Support includeConsoleOutput and addFileAttribute in junit  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5659 (2f913)
• ui: Sort items by file name  -  by @​btea in https:/vitest-dev/vitest/issues/5652 (1f726)

   🐞 Bug Fixes

• Keep order of arguments for .each in custom task collectors  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5640 (7d57c)
• Call resolveId('vitest') after buildStart  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5646 (f5faf)
• Hash the name of the file when caching  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5654 (c9e68)
• Don't panic on empty files in node_modules  -  by @​sheremet-va (40c29)
• Use toJSON for error serialization  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5526 (19a21)
• coverage:
  • Exclude *.test-d.* by default  -  by @​MindfulPol in https:/vitest-dev/vitest/issues/5634 (bfe8a)
  • Apply vite-node's wrapper only to executed files  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5642 (c9883)
• vm:
  • Support network imports  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5610 (103a6)

   🏎 Performance

• Improve performance of forks pool  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5592 (d8304)
• Unnecessary rpc call when coverage is disabled  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5658 (c5712)

    View changes on GitHub

v1.5.3

Compare Source

   🐞 Bug Fixes

• Use package.json name for a workspace project if not provided  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5608 (48fba)
• Backport jest iterable equality within object  -  by @​sukovanej in https:/vitest-dev/vitest/issues/5621 (30e5d)
• browser: Support benchmark  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5622 (becab)
• reporter: Use default error formatter for JUnit  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5629 (20060)

    View changes on GitHub

v1.5.2

Compare Source

   🐞 Bug Fixes

• Check for null before storing in weakmap  -  by @​sheremet-va (ce368)

    View changes on GitHub

v1.5.1

Compare Source

   🚀 Features

• api: startVitest() to accept stdout and stdin  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5493 (780b1)
  • This is listed as a feature, but it doesn't increase the minor version because startVitest API is experimental and doesn't follow semver.

   🐞 Bug Fixes

• Close vite servers on all resolved projects  -  by @​surc54 in https:/vitest-dev/vitest/issues/5544 (413ec)
• Fix default import.meta.env.PROD: false  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5561 (9c649)
• Resolve cwd correctly when initiating projects  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5582 (ec9d7)
• Always run onTestFinished in reverse order  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5598 (23f29)
• browser:
  • Disable fileParallelism by default on browser pool  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5528 (5c69f)
  • Dispose tester iframe on done  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5595 (b2135)
• coverage:
  • Fix bundling of v8-to-istanbul  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5549 (df6a4)
  • Prevent crash when cleanOnRerun is disabled  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5540 (ea3c1)
  • thresholds to compare files relative to root  -  by @​AriPerkkio in https:/vitest-dev/vitest/issues/5574 (80265)
• expect:
  • Fix toEqual and toMatchObject with circular references  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5535 (9e641)
• vitest:
  • Fix false positive file filter match with leading slash  -  by @​hi-ogawa in https:/vitest-dev/vitest/issues/5578 (316eb)
  • Watch the output directory correctly  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5584 (e40f9)
  • StubEnv casts boolean on PROD/SSR/DEV  -  by @​sheremet-va in https:/vitest-dev/vitest/issues/5590 (4da88)

    View changes on GitHub

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.