[Snyk] Security upgrade axios from 1.7.7 to 1.12.0 #9109

Closed
YounixM wants to merge 1 commit into develop from snyk-fix-dfda954b712a03d550caa0f896c4b84d

@YounixM (Member) commented Sep 16, 2025

Snyk has created this PR to fix 1 vulnerability in the yarn dependencies of this project.

Snyk changed the following file(s):

  • frontend/package.json
  • frontend/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory, meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the .yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

| Issue | Score |
| --- | --- |
| medium severity: Allocation of Resources Without Limits or Throttling (SNYK-JS-AXIOS-12613773) | 738 |

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

Important

Upgrade axios to 1.12.0 in frontend/package.json and frontend/yarn.lock to fix a security vulnerability.

  • Security Update:
    • Upgrade axios from 1.7.7 to 1.12.0 in frontend/package.json and frontend/yarn.lock to fix vulnerability SNYK-JS-AXIOS-12613773.
  • Zero-Installs Note:
    • .yarn/cache/ not updated; zero-installs users must run yarn to update cache.

This description was created by Ellipsis for 6ad0446. You can customize this summary. It will automatically update as commits are pushed.

@CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@github-actions

Build Error! No Linked Issue found. Please link an issue or mention it in the body using #<issue_id>

@ellipsis-dev bot (Contributor) left a comment

Important

Looks good to me! 👍

Reviewed everything up to 6ad0446 in 48 seconds.
  • Reviewed 13 lines of code in 1 file.
  • Skipped 1 file when reviewing.
  • Skipped posting 1 draft comment. View it below.
  • Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.
1. frontend/package.json:54
  • Draft comment:
    Axios version bump from 1.7.7 to 1.12.0 addresses the security vulnerability (SNYK-JS-AXIOS-12613773). Please ensure that no breaking changes affect our API handling and that all tests pass.
  • Reason this comment was not posted:
    Comment did not seem useful. Confidence is useful = 0% <= threshold 50%. This comment is related to a dependency change, specifically a version bump for Axios. The comment asks the PR author to ensure that no breaking changes affect API handling and that all tests pass. According to the rules, comments should not ask the author to ensure that changes are tested or verified for compatibility. Therefore, this comment violates the rules and should be removed.

Workflow ID: wflow_cJ0OKJcSzYnQB9Qc

You can customize Ellipsis by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.

@YounixM closed this Nov 6, 2025