[Snyk] Security upgrade axios from 1.10.0 to 1.12.0 #4

Merged
LCSOGthb merged 1 commit into main from snyk-fix-9a3fc0d6512df09dba681b88510eda15
Oct 12, 2025

@LCSOGthb
Owner

Snyk has created this PR to fix 1 vulnerability in the npm dependencies of this project.

Snyk changed the following file(s):

  • aq-dashboard/package.json
  • aq-dashboard/package-lock.json

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| medium severity: Allocation of Resources Without Limits or Throttling (SNYK-JS-AXIOS-12613773) | 89 |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

…duce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-12613773

@vercel

vercel bot commented Sep 15, 2025

The latest updates on your projects. Learn more about Vercel for GitHub.

| Project | Deployment | Preview | Comments | Updated (UTC) |
| --- | --- | --- | --- | --- |
| airmerge | Ready | Preview | Comment | Sep 15, 2025 7:37am |

@coderabbitai

coderabbitai bot commented Sep 15, 2025

📝 Walkthrough

Summary by CodeRabbit

  • Chores
    • Upgraded the underlying HTTP/networking library to the latest stable version to align with platform updates.
    • Improves connection reliability, consistency of error handling, and long-term maintainability.
    • No functional changes; existing features and workflows should behave as before.
    • Includes minor performance and security hardening from the upstream update.

Walkthrough

Updated dependency in aq-dashboard/package.json: axios version bumped from ^1.10.0 to ^1.12.0. No other files or exports changed.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Dependency update: aq-dashboard/package.json | Bump axios from ^1.10.0 to ^1.12.0 |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I twitch my nose at version snow, hop-light through fields of code—
A tiny bump, axios jumps, the dashboard’s lighter load.
Carrot logs and patchy fogs, I nibble, then I glide—
With semvers crisp like morning dew, I bound with bunny pride.
🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title Check | ✅ Passed | The title “[Snyk] Security upgrade axios from 1.10.0 to 1.12.0” clearly and concisely summarizes the primary change by indicating a security-driven dependency upgrade of axios from version 1.10.0 to 1.12.0, directly reflecting the modifications made in the pull request. |
| Description Check | ✅ Passed | The pull request description provides relevant details about the Snyk-generated upgrade, lists the affected files, and explains the vulnerability being addressed, making it clearly related to the actual changes in the changeset. |
| Docstring Coverage | ✅ Passed | No functions found in the changes. Docstring coverage check skipped. |

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e4b465f and 64e8ab0.

⛔ Files ignored due to path filters (1)
  • aq-dashboard/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • aq-dashboard/package.json (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: Codacy Static Code Analysis
🔇 Additional comments (1)
aq-dashboard/package.json (1)

14-14: Upgrade to axios 1.12.0 looks good

No breaking changes expected between 1.10.x and 1.12.x, and this aligns with the Snyk remediation target. Thanks for handling it promptly.


@deepsource-io

deepsource-io bot commented Sep 15, 2025

Here's the code health analysis summary for commits e4b465f..64e8ab0. View details on DeepSource ↗.

Analysis Summary

| Analyzer | Status | Summary | Link |
| --- | --- | --- | --- |
| Ruby | ✅ Success | | View Check ↗ |
| Rust | ✅ Success | | View Check ↗ |
| JavaScript | ✅ Success | | View Check ↗ |
| Scala | ✅ Success | | View Check ↗ |
| Shell | ✅ Success | | View Check ↗ |
| Secrets | ✅ Success | | View Check ↗ |
| Terraform | ✅ Success | | View Check ↗ |
| Swift | ✅ Success | | View Check ↗ |
| SQL | ✅ Success | | View Check ↗ |
| Test coverage | ⚠️ Artifact not reported | Timed out: Artifact was never reported | View Check ↗ |
| C & C++ | ✅ Success | | View Check ↗ |
| C# | ✅ Success | | View Check ↗ |
| Ansible | ✅ Success | | View Check ↗ |

💡 If you’re a repository administrator, you can configure the quality gates from the settings.

@LCSOGthb
Owner Author

@coderabbitai review

@coderabbitai

coderabbitai bot commented Oct 12, 2025

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

@LCSOGthb LCSOGthb self-assigned this Oct 12, 2025
@LCSOGthb LCSOGthb merged commit 162caa9 into main Oct 12, 2025
31 of 34 checks passed
@LCSOGthb LCSOGthb deleted the snyk-fix-9a3fc0d6512df09dba681b88510eda15 branch October 12, 2025 23:52