
chore(deps): update dependency axios to v1.6.0 [security] #2356

Closed

Conversation

apalchys
Member

This PR contains the following updates:

Package: axios (source)
Type: dependencies
Update: minor
Change: 1.5.0 -> 1.6.0

GitHub Vulnerability Alerts

CVE-2023-45857

An issue discovered in Axios 0.8.1 through 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host, allowing attackers to view sensitive information.
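The behaviour the advisory describes, beside the same-origin rule that axios 1.6.0 adopts to close it, as an added example written for this review rather than code from axios or this repository. The page origin, cookie values, sample URLs and the `allowCrossOriginToken` option are constructed for the demonstration and are not part of the axios API; the point is that an anti-CSRF token copied from a cookie must never travel to a foreign origin, and a reviewer can check outgoing requests for exactly that.

```javascript
// Added example, not axios code: models the cookie-to-header XSRF token leak
// described in CVE-2023-45857 beside the same-origin rule that closes it.
// PAGE_ORIGIN, allowCrossOriginToken and every function here are this example's own names.

// Constructed cookie jar standing in for document.cookie in a browser.
const COOKIES = { 'XSRF-TOKEN': 'constructed-token-abc123', session: 'constructed-session' };

// Assumed origin of the page whose script issues the requests.
const PAGE_ORIGIN = 'https://app.example.test';

// Resolve a possibly relative request URL against the page and compare origins
// (scheme + host + port); this is the test the hardened path relies on.
function isSameOrigin(requestUrl, pageOrigin = PAGE_ORIGIN) {
  return new URL(requestUrl, pageOrigin).origin === new URL(pageOrigin).origin;
}

// Vulnerable behaviour as the advisory describes it: whenever the cookie is
// present the header is attached, regardless of the host being called.
function buildHeadersVulnerable(requestUrl, cookies = COOKIES) {
  const headers = {};
  const token = cookies['XSRF-TOKEN'];
  if (token) headers['X-XSRF-TOKEN'] = token; // requestUrl deliberately ignored
  return headers;
}

// Hardened behaviour: the header goes out only to the page's own origin, or
// when the caller opts in for one specific cross-origin request.
function buildHeadersHardened(requestUrl, { allowCrossOriginToken = false } = {}, cookies = COOKIES) {
  const headers = {};
  const token = cookies['XSRF-TOKEN'];
  if (token && (allowCrossOriginToken || isSameOrigin(requestUrl))) {
    headers['X-XSRF-TOKEN'] = token;
  }
  return headers;
}

// Review aid: given outgoing requests as { url, headers }, return the URLs
// that would carry the anti-CSRF token to a foreign origin.
function findCrossOriginTokenLeaks(requests) {
  return requests
    .filter(r => 'X-XSRF-TOKEN' in r.headers && !isSameOrigin(r.url))
    .map(r => r.url);
}

// Constructed traffic sample: two same-origin calls, two third-party calls.
const SAMPLE_URLS = [
  '/api/profile',
  'https://app.example.test/api/logout',
  'https://cdn.third-party.test/telemetry',
  'https://api.partner.test/v1/orders',
];

// Build the header sets both ways and report which requests leak the token.
function compareBehaviours(urls = SAMPLE_URLS) {
  const withVulnerable = urls.map(url => ({ url, headers: buildHeadersVulnerable(url) }));
  const withHardened = urls.map(url => ({ url, headers: buildHeadersHardened(url) }));
  return {
    vulnerableLeaks: findCrossOriginTokenLeaks(withVulnerable),
    hardenedLeaks: findCrossOriginTokenLeaks(withHardened),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(compareBehaviours(), null, 2));
}
```

Running the file lists the two third-party URLs under `vulnerableLeaks` and nothing under `hardenedLeaks`; the same `findCrossOriginTokenLeaks` check can be pointed at a captured request log to confirm an upgraded client no longer emits the header cross-origin.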


Release Notes

axios/axios

v1.6.0


Bug Fixes
PRs

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release


v1.5.1


Bug Fixes
  • adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
  • formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
  • headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
  • types: removed duplicated code (9e62056)
Contributors to this release
PRs

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


This PR has been generated by Renovate Bot.


github-actions bot commented Nov 12, 2023

📦 Next.js Bundle Analysis

This analysis was generated by the next.js bundle analysis action 🤖

⚠️ Global Bundle Size Increased

Page: global
Size (compressed): 165.59 KB (🟡 +1 B)

The global bundle is the JavaScript bundle that loads alongside every page. It is in its own category because its impact is much higher: an increase in its size means that every page on your website loads slower, and a decrease means every page loads faster.

Any third-party scripts you have added directly to your app using the <script> tag are not accounted for in this analysis.

If you want further insight into what is behind the changes, give @next/bundle-analyzer a try!

Fifty-four Pages Changed Size

The following pages changed size from the code in this PR compared to its base branch:

Columns: Page | Size (compressed) | First Load | % of Budget (500 KB)
/ 289.67 KB 455.26 KB 91.05% (🟡 +0.03%)
/404 225.77 KB 391.36 KB 78.27% (🟡 +0.03%)
/admin/courses 377.71 KB 543.3 KB 108.66% (🟡 +0.03%)
/admin/disciplines 323.71 KB 489.3 KB 97.86% (🟡 +0.03%)
/admin/discord-server 350.5 KB 516.09 KB 103.22% (🟡 +0.03%)
/admin/events 351.08 KB 516.67 KB 103.33% (🟡 +0.03%)
/admin/mentor-registry 374.42 KB 540.01 KB 108.00% (🟡 +0.03%)
/admin/notifications 389.96 KB 555.55 KB 111.11% (🟡 +0.03%)
/admin/prompts 331.48 KB 497.07 KB 99.41% (🟡 +0.03%)
/admin/registrations 326.43 KB 492.02 KB 98.40% (🟡 +0.03%)
/admin/tasks 431.79 KB 597.38 KB 119.48% (🟡 +0.02%)
/admin/user-group 374.94 KB 540.53 KB 108.11% (🟡 +0.02%)
/admin/users 272.09 KB 437.68 KB 87.54% (🟡 +0.02%)
/applicants 309.63 KB 475.22 KB 95.04% (🟡 +0.03%)
/course/admin/cross-check-table 427.71 KB 593.3 KB 118.66% (🟡 +0.03%)
/course/admin/events 431.54 KB 597.14 KB 119.43% (🟡 +0.03%)
/course/admin/interviews 373.96 KB 539.56 KB 107.91% (🟡 +0.03%)
/course/admin/mentors 378.57 KB 544.16 KB 108.83% (🟡 +0.03%)
/course/admin/stage-interviews 375.59 KB 541.18 KB 108.24% (🟡 +0.03%)
/course/admin/students 386.51 KB 552.1 KB 110.42% (🟡 +0.03%)
/course/admin/tasks 406.9 KB 572.49 KB 114.50% (🟡 +0.03%)
/course/admin/users 373.63 KB 539.22 KB 107.84% (🟡 +0.03%)
/course/interview/[type]/feedback 340.11 KB 505.71 KB 101.14% (🟡 +0.03%)
/course/mentor/auto-confirm 227.95 KB 393.54 KB 78.71% (🟡 +0.03%)
/course/mentor/confirm 291.71 KB 457.3 KB 91.46% (🟡 +0.03%)
/course/mentor/dashboard 395.49 KB 561.08 KB 112.22% (🟡 +0.02%)
/course/mentor/expel-student 295.72 KB 461.31 KB 92.26% (🟡 +0.03%)
/course/mentor/feedback 297.84 KB 463.43 KB 92.69% (🟡 +0.02%)
/course/mentor/interview-technical-screening 265.49 KB 431.08 KB 86.22% (🟡 +0.02%)
/course/mentor/interview-wait-list 333.97 KB 499.57 KB 99.91% (🟡 +0.03%)
/course/mentor/interviews 345.41 KB 511 KB 102.20% (🟡 +0.03%)
/course/mentor/students 250.54 KB 416.13 KB 83.23% (🟡 +0.02%)
/course/schedule 471.94 KB 637.53 KB 127.51% (🟡 +0.02%)
/course/score 333.51 KB 499.1 KB 99.82% (🟡 +0.03%)
/course/student/auto-test 384.2 KB 549.79 KB 109.96% (🟡 +0.03%)
/course/student/auto-test/task 384.12 KB 549.71 KB 109.94% (🟡 +0.03%)
/course/student/cross-check-review 411.48 KB 577.07 KB 115.41% (🟡 +0.03%)
/course/student/cross-check-submit 426.95 KB 592.54 KB 118.51% (🟡 +0.03%)
/course/student/dashboard 391.3 KB 556.89 KB 111.38% (🟡 +0.03%)
/course/student/interviews 300.45 KB 466.04 KB 93.21% (🟡 +0.03%)
/course/submit-scores 406.47 KB 572.07 KB 114.41% (🟡 +0.03%)
/course/team-distributions 377.56 KB 543.15 KB 108.63% (🟡 +0.03%)
/course/teams 419.66 KB 585.25 KB 117.05% (🟡 +0.03%)
/cv/[uuid] 241.42 KB 407.01 KB 81.40% (🟡 +0.03%)
/cv/edit 344.31 KB 509.9 KB 101.98% (🟡 +0.03%)
/gratitude 290.33 KB 455.92 KB 91.18% (🟡 +0.03%)
/heroes 392.03 KB 557.62 KB 111.52% (🟡 +0.03%)
/job 170.84 KB 336.44 KB 67.29% (🟡 +0.03%)
/profile 398.71 KB 564.3 KB 112.86% (🟡 +0.03%)
/profile/connection-confirmed 266.31 KB 431.9 KB 86.38% (🟡 +0.03%)
/profile/notifications 326.64 KB 492.23 KB 98.45% (🟡 +0.02%)
/registry/epamlearningjs 289.99 KB 455.58 KB 91.12% (🟡 +0.02%)
/registry/mentor 340.17 KB 505.76 KB 101.15% (🟡 +0.03%)
/registry/student 340.17 KB 505.76 KB 101.15% (🟡 +0.03%)

Only the gzipped size is provided here based on an expert tip.

First Load is the size of the global bundle plus the bundle for the individual page. If a user were to arrive at your website and land on a given page, the first load size represents the amount of JavaScript that user would need to download. If next/link is used, subsequent page loads would only need to download that page's bundle (the number in the "Size" column), since the global bundle has already been downloaded.

The "Budget %" column shows what percentage of your performance budget the First Load total takes up. For example, if your budget was 100 KB and a given page's first load size was 10 KB, it would be 10% of your budget. You can also see how much this has increased or decreased compared to the base branch of your PR. If this percentage has increased by 5% or more, a red status indicator is applied, indicating that special attention should be given to this. If you see "+/- <0.01%" it means that there was a change in bundle size, but it is a trivial enough amount that it can be ignored.

@apalchys apalchys force-pushed the renovate/npm-axios-vulnerability branch 3 times, most recently from b583c36 to 05f6c8f on November 15, 2023 08:03
@apalchys apalchys force-pushed the renovate/npm-axios-vulnerability branch 4 times, most recently from 5b9d012 to 46a1e90 on November 19, 2023 00:07
@apalchys apalchys force-pushed the renovate/npm-axios-vulnerability branch from 46a1e90 to e10166c on November 19, 2023 16:03
@apalchys apalchys closed this Nov 19, 2023
@apalchys apalchys deleted the renovate/npm-axios-vulnerability branch November 20, 2023 08:03