New version of axios (1.14.0) broke the build

[depfu]

We've tested your project with an updated dependency and the build failed.

This version is either within the version range you specified or you haven't specified a version/range. To be able to test your project with the new version, we've taken the liberty of pinning the version for this branch and pull request.

name	version specification	new version
axios	^1.7.7	1.14.0

Unfortunately, we encountered failing tests after pinning. This means that this new version is not compatible with your project and the test failure will potentially also happen on fresh installs.

If you have correctly specified a semantic versioning version range, you should probably also file an issue with the upstream project as they might have released an update that's breaking SemVer rules, which is not cool. (But then again, not all projects explicitly follow SemVer)

We've left the pull request open for you to investigate this issue. Please don't merge it as is, because, again, we've pinned the version of axios for this test run.

What changed?

✳️ axios (^1.7.7 → 1.14.0) · Repo · Changelog

Release Notes

1.14.0

This release focuses on compatibility fixes, adapter stability improvements, and test/tooling modernisation.

⚠️ Important Changes

• Breaking Changes: None identified in this release.
• Action Required: If you rely on env-based proxy behaviour or CJS resolution edge-cases, validate your integration after upgrade (notably proxy-from-env v2 alignment and main entry compatibility fix).

🚀 New Features

• Runtime Features: No new end-user features were introduced in this release.
• Test Coverage Expansion: Added broader smoke/module test coverage for CJS and ESM package usage. (#7510)

🐛 Bug Fixes

• Headers: Trim trailing CRLF in normalised header values. (#7456)
• HTTP/2: Close detached HTTP/2 sessions on timeout to avoid lingering sessions. (#7457)
• Fetch Adapter: Cancel ReadableStream created during request-stream capability probing to prevent async resource leaks. (#7515)
• Proxy Handling: Fixed env proxy behavior with proxy-from-env v2 usage. (#7499)
• CommonJS Compatibility: Fixed package main entry regression affecting CJS consumers. (#7532)

🔧 Maintenance & Chores

• Security/Dependencies: Updated formidable and refreshed package set to newer versions. (#7533, #10556)
• Tooling: Continued migration to Vitest and modernised CI/test harnesses. (#7484, #7489, #7498)
• Build/Lint Stack: Rollup, ESLint, TypeScript, and related dev-dependency updates. (#7508, #7509, #7522)
• Documentation: Clarified JSON parsing and adapter-related docs/comments. (#7398, #7460, #7478)

🌟 New Contributors

We are thrilled to welcome our new contributors. Thank you for helping improve Axios:

• @aviu16 (#7456)
• @NETIZEN-11 (#7460)
• @fedotov (#7457)
• @nthbotast (#7478)
• @veeceey (#7398)
• @penkzhou (#7515)

Full Changelog: v1.13.6...v1.14.0

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 33 commits:

• chore(release): prepare release 1.14.0 (#10563)
• chore: add AI Moderator workflow for spam detection (#10551)
• chore(sponsor): update sponsor block (#10557)
• fix: updated release flow to match the current flows (#10562)
• Update packages to latest version (#10556)
• fix: formidable dependency vulnerable to arbitrary (#7533)
• chore(deps-dev): bump @babel/preset-env (#7531)
• fix: bug axios breaks commonjs compatibility main entry (#7532)
• fix: dependabot uses the correct labels (#7530)
• chore: upgrade to latest ts (#7522)
• chore(deps-dev): bump the development_dependencies group with 2 updates (#7517)
• chore: migrate get stream to latest (#7516)
• fix(fetch): cancel ReadableStream body after request stream capability probe (#7515)
• chore: update module test for full check (#7510)
• refactor: update eslint to v10 (#7509)
• chore: upgrade to the latest rollup (#7508)
• refactor: ci to not use file but rather packed dist (#7507)
• refactor: migrate express test harness (#7506)
• refactor: migrate husky 9 (#7505)
• chore: bump trival updates (#7504)
• chore(deps-dev): bump multer from 1.4.4 to 2.1.1 (#7480)
• chore(deps): bump tar and pacote (#7491)
• chore: remove un-needed packages (#7501)
• fix: proxy from env v2 fix (#7499)
• docs: clarify silentJSONParsing requires explicit responseType: 'json' (#7398)
• refactor: remove old test suite update docs (#7498)
• docs(buildURL): fix outdated encode() comment (#7478)
• refactor: refresh test suite to be modernised (#7489)
• fix(http): closing detached http2 session on timeout (#7457)
• Update unit testing flows as part of migration to vitest (#7484)
• docs: clarify behavior and relation to (#7460)
• fix(headers): trim trailing CRLF in normalized header values (#7456)
• chore(deps-dev): bump minimatch from 3.1.2 to 3.1.5 (#7453)

[depfu]

Closed in favor of #362.