Skip to content

chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates#990

Closed
dependabot[bot] wants to merge 5 commits into
dev-2.5.0from
dependabot/npm_and_yarn/prod-patch-updates-2a0e01eb15
Closed

chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates#990
dependabot[bot] wants to merge 5 commits into
dev-2.5.0from
dependabot/npm_and_yarn/prod-patch-updates-2a0e01eb15

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the prod-patch-updates group with 2 updates in the / directory: axios and nanoid.

Updates axios from 1.18.0 to 1.18.1

Release notes

Sourced from axios's releases.

v1.18.1 — June 21, 2026

This release focuses on Node HTTP adapter fixes, safer AxiosError serialisation, runtime/type correctness fixes, documentation updates, and dependency maintenance.

🐛 Bug Fixes

  • AxiosError Serialisation: Made AxiosError#cause non-enumerable to prevent circular JSON serialisation failures when errors include nested causes. (#10913)
  • Node HTTP Adapter: Guarded socket.setKeepAlive for proxy agent streams, accepted path-only URLs when socketPath is configured, deferred environment proxy handling to Node, and explicitly passed maxBodyLength through to follow-redirects. (#10917, #10930, #10942, #10993)
  • Runtime and Type Correctness: Fixed several runtime crashes, type definition mismatches, and incorrect error handling paths. (#10959, #11021)
  • AxiosURLSearchParams: Switched the encoder callback to an arrow function so encoder.call(this) receives the AxiosURLSearchParams instance correctly. (#11019)

🔧 Maintenance & Chores

  • Documentation: Documented sensitive headers and status transition behaviour, prepared cleaned-up docs, added Deno install instructions, and clarified that request data is request-specific (#11007, #11010, #11023, #11025)

  • Dependencies: Bumped vite, rollup, form-data, js-yaml, and multer across the root project, docs, smoke tests, and module test workspaces. (#11011, #11012, #11013, #11014, #11015, #11016, #11017, #11026)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve axios:

Full Changelog

Changelog

Sourced from axios's changelog.

Changelog

Commits
  • a209bfb chore(release): prepare release 1.18.1 (#11027)
  • fa6a55e chore(deps-dev): bump multer from 2.1.1 to 2.2.0 (#11026)
  • 40e7be8 docs: clarifies that request data is request-specific in axios (#11025)
  • a446b39 fix(AxiosURLSearchParams): use arrow function so encoder.call(this) receives ...
  • cf1306a docs: add Deno to install instructions (#11023)
  • b32880a fix: incorrect use of error (#11021)
  • 1792eda fix: ensure maxBodyLength is explicitly passed to follow-redirects (#10993)
  • 30499d6 fix: various runtime crashes and type definition mismatches (#10959)
  • 20ce9c4 fix(http): defer env proxy handling to Node (#10942)
  • e64bcf9 chore(deps): merge branch 'v1.x' into tests/module/cjs (#11014)
  • Additional commits viewable in compare view

Updates nanoid from 5.1.11 to 5.1.16

Release notes

Sourced from nanoid's releases.

5.1.16

5.1.15

  • Fixed random pool corruption on big ID sizes.

5.1.14

  • Fixed npm package size regression.

5.1.13

  • Fixed npm package size regression.

5.1.12

  • Moved to npm Provenance and Staged Publishing.
Changelog

Sourced from nanoid's changelog.

5.1.16

5.1.15

  • Fixed random pool corruption on big ID sizes.

5.1.14

  • Fixed npm package size regression.

5.1.13

  • Fixed npm package size regression.

5.1.12

  • Moved to npm Provenance and Staged Publishing.
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for nanoid since your current version.


@dependabot dependabot Bot added dependencies Pull requests that update a dependency file npm labels Jun 29, 2026
@LukeGus LukeGus changed the base branch from main to dev-2.5.0 June 29, 2026 06:46
@LukeGus LukeGus added the dependabot-rebase-requested Retarget workflow asked Dependabot to rebase a conflicting PR label Jun 29, 2026
@LukeGus

LukeGus commented Jun 29, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

…h 2 updates

Bumps the prod-patch-updates group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [nanoid](https://github.com/ai/nanoid).


Updates `axios` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.18.0...v1.18.1)

Updates `nanoid` from 5.1.11 to 5.1.16
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](ai/nanoid@5.1.11...5.1.16)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-patch-updates
- dependency-name: nanoid
  dependency-version: 5.1.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the base branch from dev-2.5.0 to main June 29, 2026 06:48
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/prod-patch-updates-2a0e01eb15 branch from 1d96b19 to 8e914fd Compare June 29, 2026 06:48
@dependabot dependabot Bot changed the title chore(deps): bump the prod-patch-updates group with 2 updates chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates Jun 29, 2026
@LukeGus LukeGus changed the base branch from main to dev-2.5.0 June 29, 2026 07:49
@LukeGus

LukeGus commented Jun 29, 2026

Copy link
Copy Markdown
Member

Closing: this PR still conflicts with dev-2.5.0 after a rebase attempt (its changes are likely already merged). Dependabot will reopen a fresh PR computed against the current dev-2.5.0.

@LukeGus LukeGus closed this Jun 29, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@LukeGus LukeGus deleted the dependabot/npm_and_yarn/prod-patch-updates-2a0e01eb15 branch June 29, 2026 07:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependabot-rebase-requested Retarget workflow asked Dependabot to rebase a conflicting PR dependencies Pull requests that update a dependency file npm

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant