deps(deps): bump axios and @slack/webhook

[dependabot]

Bumps axios and @slack/webhook. These dependencies needed to be updated together.
Updates axios from 0.21.4 to 1.13.6

Release notes

Sourced from axios's releases.

v1.13.6

This release focuses on platform compatibility, error handling improvements, and code quality maintenance.

⚠️ Important Changes

• Breaking Changes: None identified in this release.
• Action Required: Users targeting React Native should verify their integration, particularly if relying on specific Blob or FormData behaviours, as improvements have been made to support these objects.

🚀 New Features

• React Native Blob Support: Axios now includes support for React Native Blob objects. Thanks to @​moh3n9595 for the initial implementation. (#5764)
• Code Quality: Implemented prettier across the codebase and resolved associated formatting issues. (#7385)

🐛 Bug Fixes

• Environment Compatibility:

  • Fixed module exports for React Native and Browserify environments. (#7386)
  • Added safe FormData detection for the WeChat Mini Program environment. (#7324)

• Error Handling:

  • AxiosError.message is now correctly enumerable. (#7392)
  • AxiosError.from now correctly copies the status property from the source error, ensuring better error propagation. (#7403)

🔧 Maintenance & Chores

• Dependencies: Updated the development_dependencies group (5 updates). (#7432)
• Infrastructure: Migrated @​rollup/plugin-babel from v5.3.1 to v6.1.0. (#7424)
• Documentation: Added missing JSDoc comments to utilities. (#7427)

🌟 New Contributors

We are thrilled to welcome our new contributors! Thank you for helping improve the project:

• @​Gudahtt (#7386)
• @​ybbus (#7392)
• @​Shiwaangee (#7324)
• @​skrtheboss (#7403)
• @​Janaka66 (#7427)
• @​moh3n9595 (#5764)
• @​digital-wizard48 (#7424)

Full Changelog: v1.13.5...v1.13.6

v1.13.5

Release 1.13.5

Highlights

• Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
• Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

• Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

... (truncated)

Commits

• 7108c88 chore(release): prepare release 1.13.6 (#7446)
• 20a0ba3 refactor(deps): migrate @​rollup/plugin-babel from v5.3.1 to v6.1.0 (#7424)
• 885b4af feat: support react native blob objects (#5764)
• 00d97b9 docs(utils): add missing JSDoc comments (#7427)
• 9712548 chore(deps-dev): bump the development_dependencies group across 1 directory w...
• d51accb fix(core): copy status from source error in AxiosError.from (#7403)
• 3e30bbf chore: fix publish to only run on v1 tags
• 672491d fix: safe FormData detection for WeChat Mini Program (#7306) (#7324)
• 822e3e4 fix: make AxiosError.message property enumerable (#7392)
• ef3711d feat: implement prettier and fix all issues (#7385)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

Updates @slack/webhook from 6.1.0 to 7.0.7

Release notes

Sourced from @​slack/webhook's releases.

@​slack/webhook@​7.0.7

Patch Changes

• 370cf22: chore(deps): bump axios to ^1.13.5

@​slack/webhook@​7.0.6

What's Changed

This release includes a security patch to internal dependencies. 🔏 ✨

📚 Documentation

• docs: update links, copy edit, apply style guide in #2294 - Thanks @​haleychaas!
• docs: autogenerated typedoc reference in #2308 - Thanks @​lukegalbraithrussell!

🤖 Dependencies

• chore(deps): bump axios from ^1.8.3 to ^1.11.0 in @​slack/webhook in #2335 - Thanks @​mwbrooks!
• chore(deps-dev): bump @​biomejs/biome to v2 for all packages in #2281 - Thanks @​mwbrooks!
• chore(deps-dev): bump mocha from 10.8.2 to 11.7.1 in /packages/webhook in the dev-mocha group in #2305 - Thanks @​dependabot!
• chore(deps-dev): bump nock from 13.5.6 to 14.0.6 in /packages/webhook in #2306 - Thanks @​dependabot!
• chore(deps-dev): bump typescript from 4.9.5 to 5.8.3 in /packages/webhook in #2309 - Thanks @​dependabot!
• chore(deps-dev): bump ts-node from 8.10.2 to 10.9.2 in /packages/webhook in #2310 - Thanks @​dependabot!
• chore(deps-dev): bump shx from 0.3.4 to 0.4.0 in /packages/webhook in #2311 - Thanks @​dependabot!
• chore(deps-dev): bump c8 from 9.1.0 to 10.1.3 in /packages/webhook in #2312 - Thanks @​dependabot!

🧰 Maintenance

• test: upload individual test results to codecov to gather stats in #2178 - Thanks @​zimeg!
• chore(webhook): release @​slack/webhook@​7.0.6 in #2338 - Thanks @​zimeg!

Package: https://www.npmjs.com/package/@​slack/webhook/v/7.0.6 Full Changelog: https://github.com/slackapi/node-slack-sdk/compare/@​slack/webhook@​7.0.5...@​slack/webhook@​7.0.6 Milestone: https://github.com/slackapi/node-slack-sdk/milestone/140?closed=1

@​slack/webhook@​7.0.5

What's Changed

This patch release updates the axios dependency used to send webhooks with internal bug fixes.

• fix(webhook): bump axios to 1.8.3 to address CVE-2025-27152 by @​zimeg in slackapi/node-slack-sdk#2173

Full Changelog: https://github.com/slackapi/node-slack-sdk/compare/@​slack/webhook@​7.0.4..@​slack/webhook@​7.0.5 Milestone: https://github.com/slackapi/node-slack-sdk/milestone/130

@​slack/webhook@​7.0.4

What's Changed

• chore(deps): bump minimum axios version for web-api and webhook to avoid security vuln by @​hello-ashleyintech in slackapi/node-slack-sdk#2116
• ci: check for changes to lints separate from writing changes by @​zimeg in slackapi/node-slack-sdk#2117
• chore: tsconfig skiplibcheck:true - dont typecheck dependency d.ts files slackapi/node-slack-sdk#1913 - thanks @​filmaj!

... (truncated)

Commits

• 59df200 chore: release (#2516)
• 370cf22 chore(deps): bump axios to ^1.13.5 (#2415)
• a9fa6c1 docs(maintainers): update release notes testing and publishing steps to be mo...
• 756d8b9 ci: add build step before publish (#2511)
• fe137db chore: release (#2509)
• 16a43ca fix(web-api): add channel_id to canvases.create method (#2505)
• f1fb7bf docs: add thinking steps release notes (#2510)
• 1fbce32 docs: add thinking steps changeset entries (#2508)
• c7dd4aa feat: add thinking steps (#2484)
• 941217f chore: release (#2503)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​slack/webhook since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.