[Snyk] Security upgrade axios from 0.21.2 to 0.31.1

[impactyogi]

Snyk has created this PR to fix 6 vulnerabilities in the npm dependencies of this project.

Snyk changed the following file(s):

• package.json

⚠️ Warning

Failed to update the package-lock.json, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	HTTP Response Splitting SNYK-JS-AXIOS-16298058	848
	Uncontrolled Recursion SNYK-JS-AXIOS-16299923	828
	Prototype Pollution SNYK-JS-AXIOS-16299904	741
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-16298130	738
	Improper Encoding or Escaping of Output SNYK-JS-AXIOS-16298055	708
	Prototype Pollution SNYK-JS-AXIOS-16299925	708

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Encoding or Escaping of Output
🦉 Allocation of Resources Without Limits or Throttling
🦉 Prototype Pollution

[impactyogi]

This upgrade of Axios from v0.21.2 to v0.31.1 includes multiple minor versions that introduce bug fixes, new features, and some behavioral changes that may require verification.

While no major breaking changes are officially documented in the changelogs for this version range, there are user-reported issues indicating subtle changes in behavior that could impact existing integrations:

• Request Data Handling: Some users have reported that starting with v0.21.2, there were changes in how request data is processed. For example, POST requests with data passed in the params object behaved differently than in v0.21.1.
• String Payloads: There are reports of changes to how string payloads in POST requests are handled, which in some cases required manually setting the Content-Type header to avoid issues on the server-side.
• Next.js Integrations: An issue was reported where requests within a Next.js API route stopped working on localhost after upgrading from v0.21.1 to v0.21.2.

Recommendation:
These changes appear to be edge cases rather than broad, intentional breaking changes. However, due to the potential for subtle behavior differences, it is recommended to test your application's usage of Axios, particularly around POST requests and any complex configurations, to ensure there is no impact.

Source: Package documentation and GitHub issue reports.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.