Update dependency axios to v0.21.1 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
axios (source)	0.19.2 → 0.21.1

GitHub Vulnerability Alerts

CVE-2020-28168

Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address.

---

Release Notes

axios/axios (axios)

v0.21.1

Compare Source

Fixes and Functionality:

• Hotfix: Prevent SSRF (#​3410)
• Protocol not parsed when setting proxy config from env vars (#​3070)
• Updating axios in types to be lower case (#​2797)
• Adding a type guard for AxiosError (#​2949)

Internal and Tests:

• Remove the skipping of the socket http test (#​3364)
• Use different socket for Win32 test (#​3375)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Daniel Lopretto <timemachine3030@​users.noreply.github.com>
• Jason Kwok JasonHK@users.noreply.github.com
• Jay jasonsaayman@gmail.com
• Jonathan Foster jonathan@jonathanfoster.io
• Remco Haszing remcohaszing@gmail.com
• Xianming Zhong chinesedfan@qq.com

v0.21.0

Compare Source

Fixes and Functionality:

• Fixing requestHeaders.Authorization (#​3287)
• Fixing node types (#​3237)
• Fixing axios.delete ignores config.data (#​3282)
• Revert "Fixing overwrite Blob/File type as Content-Type in browser. (#​1773)" (#​3289)
• Fixing an issue that type 'null' and 'undefined' is not assignable to validateStatus when typescript strict option is enabled (#​3200)

Internal and Tests:

• Lock travis to not use node v15 (#​3361)

Documentation:

• Fixing simple typo, existant -> existent (#​3252)
• Fixing typos (#​3309)

Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

• Allan Cruz 57270969+Allanbcruz@users.noreply.github.com
• George Cheng Gerhut@GMail.com
• Jay jasonsaayman@gmail.com
• Kevin Kirsche Kev.Kirsche+GitHub@gmail.com
• Remco Haszing remcohaszing@gmail.com
• Taemin Shin <cprayer13@​gmail.com>
• Tim Gates tim.gates@iress.com
• Xianming Zhong chinesedfan@qq.com

v0.20.0

Compare Source

Release of 0.20.0-pre as a full release with no other changes.

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: functions/package-lock.json

ERROR: npm is known not to run on Node.js v10.24.1
You'll need to upgrade to a newer Node.js version in order to use this
version of npm. You can find the latest version at https://nodejs.org/