[Snyk] Security upgrade axios from 0.21.2 to 1.15.0

[joeawillis]

Snyk has created this PR to fix 2 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Unintended Proxy or Intermediary ('Confused Deputy') SNYK-JS-AXIOS-15965856	848
	HTTP Response Splitting SNYK-JS-AXIOS-15969258	636

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[joeawillis]

This is a major version upgrade from 0.x to 1.x which includes several significant breaking changes that require code modifications.

Key Breaking Changes:

• Request Interceptors: The interface for request interceptors has been changed. You must update your interceptors from using AxiosRequestConfig to InternalAxiosRequestConfig to ensure they continue to work correctly.
• FormData Content-Type: Axios v1.x no longer automatically sets the Content-Type header to multipart/form-data if a different Content-Type header (like application/json) is already present. This can lead to FormData objects being incorrectly serialized as JSON.
• Error Handling: The AxiosError object has been refactored. While this improves error reporting, any custom logic that relies on the specific structure or properties of error objects may need to be updated.
• paramsSerializer: The function signature and expected shape for paramsSerializer have changed.

Recommendation: This is a high-risk upgrade. Developers must carefully review their usage of Axios, especially request interceptors, error handling logic, and any instances where FormData is used. Thorough testing is required before merging.

Source: Axios v1.x Changelog, Community Migration Guide

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.