Skip to content

build(deps): Bump axios, @accordproject/template-engine, @accordproject/concerto-core, @accordproject/markdown-common, @accordproject/markdown-html and @accordproject/markdown-template#7

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-8b42f72f5b
Open

build(deps): Bump axios, @accordproject/template-engine, @accordproject/concerto-core, @accordproject/markdown-common, @accordproject/markdown-html and @accordproject/markdown-template#7
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-8b42f72f5b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 21, 2026
edited
Loading

Bumps axios to 1.13.6 and updates ancestor dependencies axios, @accordproject/template-engine, @accordproject/concerto-core, @accordproject/markdown-common, @accordproject/markdown-html and @accordproject/markdown-template. These dependencies need to be updated together.

Updates axios from 0.23.0 to 1.13.6

Release notes

Sourced from axios's releases.

v1.13.6

This release focuses on platform compatibility, error handling improvements, and code quality maintenance.

⚠️ Important Changes

  • Breaking Changes: None identified in this release.
  • Action Required: Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.

🚀 New Features

  • React Native Blob Support: Axios now includes support for React Native Blob objects. Thanks to @​moh3n9595 for the initial implementation. (#5764)
  • Code Quality: Implemented prettier across the codebase and resolved associated formatting issues. (#7385)

🐛 Bug Fixes

  • Environment Compatibility:

    • Fixed module exports for React Native and Browserify environments. (#7386)
    • Added safe FormData detection for the WeChat Mini Program environment. (#7324)

  • Error Handling:

    • AxiosError.message is now correctly enumerable. (#7392)
    • AxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (#7403)

🔧 Maintenance & Chores

  • Dependencies: Updated the development_dependencies group (5 updates). (#7432)
  • Infrastructure: Migrated @​rollup/plugin-babel from v5.3.1 to v6.1.0. (#7424)
  • Documentation: Added missing JSDoc comments to utilities. (#7427)

🌟 New Contributors

We are thrilled to welcome our new contributors! Thank you for helping improve the project:

Full Changelog: v1.13.5...v1.13.6

v1.13.5

Release 1.13.5

Highlights

  • Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
  • Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

  • Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

... (truncated)

Commits
  • 7108c88 chore(release): prepare release 1.13.6 (#7446)
  • 20a0ba3 refactor(deps): migrate @​rollup/plugin-babel from v5.3.1 to v6.1.0 (#7424)
  • 885b4af feat: support react native blob objects (#5764)
  • 00d97b9 docs(utils): add missing JSDoc comments (#7427)
  • 9712548 chore(deps-dev): bump the development_dependencies group across 1 directory w...
  • d51accb fix(core): copy status from source error in AxiosError.from (#7403)
  • 3e30bbf chore: fix publish to only run on v1 tags
  • 672491d fix: safe FormData detection for WeChat Mini Program (#7306) (#7324)
  • 822e3e4 fix: make AxiosError.message property enumerable (#7392)
  • ef3711d feat: implement prettier and fix all issues (#7385)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates @accordproject/template-engine from 2.3.4 to 2.8.0

Release notes

Sourced from @​accordproject/template-engine's releases.

v2.8.0

What's Changed

New Contributors

Full Changelog: accordproject/template-engine@v2.7.2...v2.8.0

v2.7.2

What's Changed

New Contributors

Full Changelog: accordproject/template-engine@v2.7.1...v2.7.2

v2.7.1

Full Changelog: accordproject/template-engine@v2.7.0...v2.7.1

v2.7.0

What's Changed

New Contributors

Full Changelog: accordproject/template-engine@v2.6.7...v2.7.0

v2.6.7

Export type declarations.

... (truncated)

Commits
  • 3ad165d chore(ci): add tag script
  • 1a690b9 chore(ci): use oidc auth for npmjs publish
  • 832f31c chore(deps): upgrade to concerto@3.25.7, markdown-transform@0.17.2, cicero-co...
  • cba78ac fix(tests): use timezone-aware dates to prevent snapshot drift (#98)
  • 84c3a4f chore(deps-dev): Bump brace-expansion from 1.1.11 to 1.1.12 (#44)
  • fb45462 chore(deps): Bump tar from 7.5.9 to 7.5.10 (#102)
  • 9917d5f chore(deps): Bump @​tootallnate/once and @​accordproject/markdown-html (#101)
  • 9a2d54e chore(deps-dev): Bump js-yaml from 3.14.1 to 3.14.2 (#48)
  • d2b83e5 chore: replace deprecated npm-run-all with npm-run-all2 (#97)
  • cc64247 fix: skip undefined checks for root template clause in agreement generation
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​accordproject/template-engine since your current version.


Updates @accordproject/concerto-core from 3.19.8 to 3.25.7

Release notes

Sourced from @​accordproject/concerto-core's releases.

v3.25.7

Full Changelog: accordproject/concerto@v3.25.2...v3.25.7

v3.25.6

Full Changelog: accordproject/concerto@v3.25.2...v3.25.6

v3.25.5

Full Changelog: accordproject/concerto@v3.25.2...v3.25.5

v3.25.4

Republish to fix trusted publisher issue with concerto-cto

Full Changelog: accordproject/concerto@v3.25.2...v3.25.4

v3.25.3

Release to test trusted publishing using environments

Full Changelog: accordproject/concerto@v3.25.2...v3.25.3

v3.25.2

What's Changed

Full Changelog: accordproject/concerto@v3.25.1...v3.25.2

v3.25.1

What's Changed

Full Changelog: accordproject/concerto@v3.25.0...v3.25.1

v3.25.0

What's Changed

... (truncated)

Commits
  • 3e28adf chore(deps): add dependency linting and pin versions (#1081)
  • 74e1450 chore(actions): publish v3.25.0 to npm (#1080)
  • 5893e72 chore: update metamodel package (#1079)
  • 84a9a1a feat(parser): update parser and linter to support semver x rages (#1073)
  • 1a2eacf chore(actions): publish v3.24.0 to npm (#1061)
  • 3f8ef2c chore(actions): publish 3.23.0 to npm (#1049)
  • 467b939 feat(concertino): add new lightweight object-centric serialization of models ...
  • f9b612c chore(actions): publish v3.22.0 to npm (#1026)
  • c0d0f69 chore(actions): publish v3.21.0 to npm (#1015)
  • 8df15d2 Fixing Default Values Ignoring Meta properties. (#1013)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​accordproject/concerto-core since your current version.


Updates @accordproject/markdown-common from 0.16.26 to 0.17.2

Release notes

Sourced from @​accordproject/markdown-common's releases.

v0.17.2

Full Changelog: accordproject/markdown-transform@v0.17.0...v0.17.2

v0.17.1

Full Changelog: accordproject/markdown-transform@v0.17.0...v0.17.1

v0.17.0

What's Changed

New Contributors

Full Changelog: accordproject/markdown-transform@v0.16.26...v0.17.0

Commits
  • 419b4db chore(deps): update dependencies
  • 4a9d69d BREAKING CHANGE(*): remove markdown-pdf, docx & slate packages (#632)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​accordproject/markdown-common since your current version.


Updates @accordproject/markdown-html from 0.16.19 to 0.16.25

Release notes

Sourced from @​accordproject/markdown-html's releases.

v0.16.25

What's Changed

New Contributors

Full Changelog: accordproject/markdown-transform@v0.16.24...v0.16.25

v0.16.24

What's Changed

Full Changelog: accordproject/markdown-transform@v0.16.23...v0.16.24

v0.16.23

What's Changed

New Contributors

Full Changelog: accordproject/markdown-transform@v0.16.22...v0.16.23

v0.16.22

Currency release to update dependencies

What's Changed

... (truncated)

Commits
  • 9674ff1 chore(actions): publish v0.16.24 to npm
  • e9bda89 chore(actions): publish v0.16.23 to npm (#615)
  • 5fda9e8 fix: align all overwrites
  • 5138e9b fix: axios dependency mapping
  • b04ab4a chore(actions): publish v0.16.22 to npm (#579)
  • 02e9779 chore(actions): publish v0.16.21 to npm (#571)
  • dd9751c Migrate from Lerna to npm workspaces (#570)
  • d64c8b6 build(deps-dev): bump webpack in /packages/markdown-html (#565)
  • 1885c1a chore(actions): publish v0.16.19 to npm (#561)
  • See full diff in compare view
Maintainer changes

This version was pushed to npm by dselman, a new releaser for @​accordproject/markdown-html since your current version.


Updates @accordproject/markdown-template from 0.16.19 to 0.16.25

Release notes

Sourced from @​accordproject/markdown-template's releases.

v0.16.25

What's Changed

New Contributors

Full Changelog: accordproject/markdown-transform@v0.16.24...v0.16.25

v0.16.24

What's Changed

Full Changelog: accordproject/markdown-transform@v0.16.23...v0.16.24

v0.16.23

What's Changed

New Contributors

Full Changelog: accordproject/markdown-transform@v0.16.22...v0.16.23

v0.16.22

Currency release to update dependencies

What's Changed

... (truncated)

Commits
  • 3384cdc chore(deps): update package dependencies
  • 9674ff1 chore(actions): publish v0.16.24 to npm
  • 2d311e9 chore(deps): update concerto dependencies
  • e9bda89 chore(actions): publish v0.16.23 to npm (#615)
  • b97d3de fix: add exception for jest
  • 3ae76f0 chore: update concerto dependencies
  • 19b747a fix: remove require of util package (#592)
  • b04ab4a chore(actions): publish v0.16.22 to npm (#579)
  • 02e9779 chore(actions): publish v0.16.21 to npm (#571)
  • dd9751c Migrate from Lerna to npm workspaces (#570)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by dselman, a new releaser for @​accordproject/markdown-template since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 21, 2026
@dependabot
build(deps): Bump axios, @accordproject/template-engine, @accordproje…
6be3dd3 
…ct/concerto-core, @accordproject/markdown-common, @accordproject/markdown-html and @accordproject/markdown-template

Bumps [axios](https://github.com/axios/axios) to 1.13.6 and updates ancestor dependencies [axios](https://github.com/axios/axios), [@accordproject/template-engine](https://github.com/accordproject/template-engine), [@accordproject/concerto-core](https://github.com/accordproject/concerto/tree/HEAD/packages/concerto-cto), [@accordproject/markdown-common](https://github.com/accordproject/markdown-transform/tree/HEAD/packages/markdown-common), [@accordproject/markdown-html](https://github.com/accordproject/markdown-transform/tree/HEAD/packages/markdown-html) and [@accordproject/markdown-template](https://github.com/accordproject/markdown-transform/tree/HEAD/packages/markdown-template). These dependencies need to be updated together.


Updates `axios` from 0.23.0 to 1.13.6
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v0.23.0...v1.13.6)

Updates `@accordproject/template-engine` from 2.3.4 to 2.8.0
- [Release notes](https://github.com/accordproject/template-engine/releases)
- [Commits](accordproject/template-engine@v2.3.4...v2.8.0)

Updates `@accordproject/concerto-core` from 3.19.8 to 3.25.7
- [Release notes](https://github.com/accordproject/concerto/releases)
- [Commits](https://github.com/accordproject/concerto/commits/v3.25.7/packages/concerto-cto)

Updates `@accordproject/markdown-common` from 0.16.26 to 0.17.2
- [Release notes](https://github.com/accordproject/markdown-transform/releases)
- [Commits](https://github.com/accordproject/markdown-transform/commits/v0.17.2/packages/markdown-common)

Updates `@accordproject/markdown-html` from 0.16.19 to 0.16.25
- [Release notes](https://github.com/accordproject/markdown-transform/releases)
- [Commits](https://github.com/accordproject/markdown-transform/commits/v0.16.25/packages/markdown-html)

Updates `@accordproject/markdown-template` from 0.16.19 to 0.16.25
- [Release notes](https://github.com/accordproject/markdown-transform/releases)
- [Commits](https://github.com/accordproject/markdown-transform/commits/v0.16.25/packages/markdown-template)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.13.6
  dependency-type: indirect
- dependency-name: "@accordproject/template-engine"
  dependency-version: 2.8.0
  dependency-type: direct:production
- dependency-name: "@accordproject/concerto-core"
  dependency-version: 3.25.7
  dependency-type: direct:production
- dependency-name: "@accordproject/markdown-common"
  dependency-version: 0.17.2
  dependency-type: direct:production
- dependency-name: "@accordproject/markdown-html"
  dependency-version: 0.16.25
  dependency-type: direct:development
- dependency-name: "@accordproject/markdown-template"
  dependency-version: 0.16.25
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/multi-8b42f72f5b branch from a31d7e2 to 6be3dd3 Compare March 22, 2026 02:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants