New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Release] v0.28.0 #6211
[Release] v0.28.0 #6211
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so happy to see this progressing!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any reason the dist/axios.js
doesn't seem to be built with Webpack any more?
That's an assumption on my part - the __webpack_require__
s are all gone and add/remove of 1,200 lines for a change of constrained scope like this seems offputting.
Yes, that’s right, we switched to rollup almost 2 years ago (#4596), it seems that this and some other commits were originally merged into the 0.x branch and remained unpublished since the 1.x branch was created much later than the merge of these commits. As a result, we have a partial backport from the 1.x branch. |
Hi @DigitalBrainJS , We appreciate your efforts in addressing the vulnerability in the dependent package. Integrating this fix into our project is a priority for us. However, we've encountered challenges during the upgrade process, particularly transitioning from version Could you kindly provide an estimated timeline for when this PR will be merged and deployed? This information is crucial for us to plan our next steps effectively and ensure the timely resolution of the vulnerability. Thank you once again for your attention to this matter 🙏. |
@venusgazer Sorry for the delay. I think the release will be published this weekend, as it requires cooperation with other team members who are currently pretty overworked. |
aa65f99
to
6461286
Compare
Release notes:
Bug Fixes
withXSRFToken
option to v0.x (fix: resolve CVE-2023-45857 inv0.x
branch #6091)Backports from v1.x:
axios.formToJSON
method (Addedaxios.formToJSON
method; #4735)url-encoded-form
serializer to respect theformSerializer
config (Added the ability for theurl-encoded-form
serializer to respect theformSerializer
config; #4721)string[]
toAxiosRequestHeaders
type (addstring[]
toAxiosRequestHeaders
type #4322)AxiosError
stack capturing; (FixedAxiosError
stack capturing; #4718)AxiosError
status code type; (FixedAxiosError
status code type; #4717)Canceler
parameters config and request #4711)blob
to the list of protocols supported by the browser (Addedblob
to the list of protocols supported by the browser; #4678)AxiosAbortSignal
TS interface to avoid importing AbortController polyfill #4229)CanceledError
. #4659)toFormData
helper; #4668)