Skip to content

chore(deps): update axios and related dependencies#105

Closed
Seth-Schmidt wants to merge 2 commits intomainfrom
feature/pro-337-update-axios-in-contractssafe
Closed

chore(deps): update axios and related dependencies#105
Seth-Schmidt wants to merge 2 commits intomainfrom
feature/pro-337-update-axios-in-contractssafe

Conversation

@Seth-Schmidt
Copy link
Copy Markdown
Contributor

@Seth-Schmidt Seth-Schmidt commented Apr 14, 2026
edited
Loading

Summary

Alternate PR for: #103

Closes: https://linear.app/zama/issue/PRO-337/update-axios-in-contractssafe

Bumps axios to 1.15.0 across contracts/safe, contracts/confidential-wrapper, contracts/staking, contracts/feesBurner, and contracts/pauserSetWrapper, and updates its dependencies:

  • follow-redirects to 1.15.11
  • form-data to 4.0.5
  • proxy-from-env to 2.1.0

Also removes the axios dependency from hardhat-deploy.

Applied via an "axios": "^1.15.0" entry in the overrides block of each affected package.json, with package-lock.json regenerated accordingly.

Affected packages (previous → new axios version):

  • contracts/safe: 1.13.0 → 1.15.0
  • contracts/confidential-wrapper: 1.13.2 → 1.15.0
  • contracts/staking: 1.12.2 → 1.15.0
  • contracts/feesBurner: 0.21.4 (top-level, via hardhat-deploy) and 1.13.1 (nested) → 1.15.0
  • contracts/pauserSetWrapper: 0.21.4 (top-level, via hardhat-deploy) and 1.13.1 (nested) → 1.15.0

updated-dependencies:

  • dependency-name: axios dependency-version: 1.15.0 dependency-type: direct
  • dependency-name: follow-redirects dependency-version: 1.15.11 dependency-type: indirect
  • dependency-name: form-data dependency-version: 4.0.5 dependency-type: indirect
  • dependency-name: proxy-from-env dependency-version: 2.1.0 dependency-type: indirect

Verification:

HTTP smoke test against live endpoints — to confirm the axios 1.15.0 resolved in each package works for hardhat-deploy's exact call shapes, a script invoking axios.get, axios.post with FormData, and axios.request was run from each package's context against Sourcify and Etherscan. All four call shapes returned structured responses (never threw) in every package:

Package axios resolved sourcify GET etherscan GET sourcify POST (FormData) axios.request
contracts/safe 1.15.0 200 200 404¹ 200
contracts/confidential-wrapper 1.15.0 200 200 404¹ 200
contracts/staking 1.15.0 200 200 404¹ 200
contracts/feesBurner 1.15.0 200 200 404¹ 200
contracts/pauserSetWrapper 1.15.0 200 200 404¹ 200

¹ The 404 on the POST reflects Sourcify rejecting a deliberately bogus payload

@Seth-Schmidt
chore(deps): update axios and related dependencies
27cbed1 
Bumps axios from 1.13.0 to 1.15.0 and updates its dependencies:
- follow-redirects from 1.15.6 to 1.15.11
- form-data from 4.0.4 to 4.0.5
- proxy-from-env from 1.1.0 to 2.1.0

Also removes the axios dependency from hardhat-deploy.

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.15.0
  dependency-type: direct
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
- dependency-name: proxy-from-env
  dependency-version: 2.1.0
  dependency-type: indirect
...
@Seth-Schmidt Seth-Schmidt self-assigned this Apr 14, 2026
@cla-bot cla-bot Bot added the cla-signed label Apr 14, 2026
@Seth-Schmidt Seth-Schmidt marked this pull request as ready for review April 14, 2026 21:41
@Seth-Schmidt Seth-Schmidt requested review from a team and mortendahl as code owners April 14, 2026 21:41
@Seth-Schmidt Seth-Schmidt changed the title chore(deps): update axios and related dependencies chore(deps): update axios and related dependencies in contracts/safe Apr 17, 2026
@Seth-Schmidt Seth-Schmidt changed the title chore(deps): update axios and related dependencies in contracts/safe chore(deps): update axios and related dependencies Apr 17, 2026
@Seth-Schmidt
chore(deps): update axios to version 1.15.0 across multiple contracts
6b99012 
Bumps axios from previous versions to 1.15.0 in the following contracts:
- confidential-wrapper
- feesBurner
- pauserSetWrapper
- staking

Also updates related dependencies:
- follow-redirects from 1.15.6 to 1.15.11
- form-data from 4.0.4 to 4.0.5
- proxy-from-env from 1.1.0 to 2.1.0

Removes outdated axios dependencies from hardhat-gas-reporter.

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.15.0
  dependency-type: direct
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: indirect
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: indirect
- dependency-name: proxy-from-env
  dependency-version: 2.1.0
  dependency-type: indirect
@Seth-Schmidt
Copy link
Copy Markdown
Contributor Author

Seth-Schmidt commented Apr 28, 2026

Closing because this was included with #125

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mortendahl mortendahl Awaiting requested review from mortendahl mortendahl is a code owner

Assignees

@Seth-Schmidt Seth-Schmidt

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Seth-Schmidt