Skip to content

Bump "axios" package version#2686

Closed
updateclibot[bot] wants to merge 0 commit intomasterfrom
updatecli_master_6a92006ed02c93a4ad363bb1559c3677fc6e71825aebfd014b2c87c9d32b228c
Closed

Bump "axios" package version#2686
updateclibot[bot] wants to merge 0 commit intomasterfrom
updatecli_master_6a92006ed02c93a4ad363bb1559c3677fc6e71825aebfd014b2c87c9d32b228c

Conversation

@updateclibot
Copy link
Contributor

@updateclibot updateclibot bot commented Feb 8, 2026

Bump "axios" package version

Bump "axios" package version to 1.13.5

ran shell command "npm install --package-lock-only --dry-run=$DRY_RUN axios@1.13.5"

v1.13.5 
## Release 1.13.5

### Highlights
- **Security:** Fixed a potential **Denial of Service** issue involving the `__proto__` key in `mergeConfig`. (PR [#7369](https://github.com/axios/axios/pull/7369))
- **Bug fix:** Resolved an issue where `AxiosError` could be missing the `status` field on and after **v1.13.3**. (PR [#7368](https://github.com/axios/axios/pull/7368))

### Changes

#### Security
- Fix Denial of Service via `__proto__` key in `mergeConfig`. (PR [#7369](https://github.com/axios/axios/pull/7369))

#### Fixes
- Fix/5657. (PR [#7313](https://github.com/axios/axios/pull/7313))
- Ensure `status` is present in `AxiosError` on and after v1.13.3. (PR [#7368](https://github.com/axios/axios/pull/7368))

#### Features / Improvements
- Add input validation to `isAbsoluteURL`. (PR [#7326](https://github.com/axios/axios/pull/7326))
- Refactor: bump minor package versions. (PR [#7356](https://github.com/axios/axios/pull/7356))

#### Documentation
- Clarify object-check comment. (PR [#7323](https://github.com/axios/axios/pull/7323))
- Fix deprecated `Buffer` constructor usage and README formatting. (PR [#7371](https://github.com/axios/axios/pull/7371))

#### CI / Maintenance
- Chore: fix issues with YAML. (PR [#7355](https://github.com/axios/axios/pull/7355))
- CI: update workflow YAMLs. (PR [#7372](https://github.com/axios/axios/pull/7372))
- CI: fix run condition. (PR [#7373](https://github.com/axios/axios/pull/7373))
- Dev deps: bump `karma-sourcemap-loader` from 0.3.8 to 0.4.0. (PR [#7360](https://github.com/axios/axios/pull/7360))
- Chore(release): prepare release 1.13.5. (PR [#7379](https://github.com/axios/axios/pull/7379))

### New Contributors
- @sachin11063 (first contribution — PR [#7323](https://github.com/axios/axios/pull/7323))
- @asmitha-16 (first contribution — PR [#7326](https://github.com/axios/axios/pull/7326))

**Full Changelog:** https://github.com/axios/axios/compare/v1.13.4...v1.13.5
GitHub Action workflow link
Updatecli logo

Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!

@updateclibot updateclibot bot added the dependencies Pull requests that update a dependency file label Feb 8, 2026
@updateclibot updateclibot bot closed this Feb 8, 2026
@updateclibot updateclibot bot force-pushed the updatecli_master_6a92006ed02c93a4ad363bb1559c3677fc6e71825aebfd014b2c87c9d32b228c branch from 3aa795e to 22bb384 Compare February 8, 2026 17:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants