From 6eedbd697239fa2d261228793b74e1b1fda816a1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 21 Oct 2024 14:46:07 -0600
Subject: [PATCH 1/3] build(deps): bump the production-dependencies group
 across 1 directory with 2 updates (#1397)

Bumps the production-dependencies group with 2 updates in the / directory: [axios](https://github.com/axios/axios) and [contentful-management](https://github.com/contentful/contentful-management.js).


Updates `axios` from 1.7.4 to 1.7.7
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.7.4...v1.7.7)

Updates `contentful-management` from 11.31.4 to 11.35.1
- [Release notes](https://github.com/contentful/contentful-management.js/releases)
- [Changelog](https://github.com/contentful/contentful-management.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/contentful/contentful-management.js/compare/v11.31.4...v11.35.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: contentful-management
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package-lock.json | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index e6d86313..c578279e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3720,9 +3720,9 @@
       }
     },
     "node_modules/axios": {
-      "version": "1.7.4",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.4.tgz",
-      "integrity": "sha512-DukmaFRnY6AzAALSH4J2M3k6PkaC+MfaAGdEERRWcC9q3/TWQwLpHR8ZRLKTdQ3aBDL64EdluRDjJqKw+BPZEw==",
+      "version": "1.7.7",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.7.7.tgz",
+      "integrity": "sha512-S4kL7XrjgBmvdGut0sN3yJxqYzrDOnivkBiN0OFs6hLiUam3UPvswUo0kqGyhqUZGEOytHyumEdXsAkgCOUf3Q==",
       "dependencies": {
         "follow-redirects": "^1.15.6",
         "form-data": "^4.0.0",
@@ -4693,12 +4693,12 @@
       }
     },
     "node_modules/contentful-management": {
-      "version": "11.31.4",
-      "resolved": "https://registry.npmjs.org/contentful-management/-/contentful-management-11.31.4.tgz",
-      "integrity": "sha512-gN2wz4lHw4hfh0aQ9X5uirfa0F5gJDgTOyJceSPa86+xPR0T0DfPVNrGeXg0w+HXXTgLmWl+LiinXvCPNW9wTA==",
+      "version": "11.35.1",
+      "resolved": "https://registry.npmjs.org/contentful-management/-/contentful-management-11.35.1.tgz",
+      "integrity": "sha512-PBOFpeOCzwx7+PQtHhgFRNB8wnlgUKUj+3rTucaMIYot5l9YA4804P9VYWq6Mg8/PJnFjavQrtay6HtqWDyYMw==",
       "dependencies": {
         "@contentful/rich-text-types": "^16.6.1",
-        "axios": "^1.7.2",
+        "axios": "^1.7.4",
         "contentful-sdk-core": "^8.3.1",
         "fast-copy": "^3.0.0"
       },

From 29f4538649b8334e930f639685edf9b64c020779 Mon Sep 17 00:00:00 2001
From: Bob Hemphill <robert.hemphill@contentful.com>
Date: Wed, 23 Oct 2024 20:58:15 -0600
Subject: [PATCH 2/3] chore: bump axios & contentful-management to explicit
 version ranges with vuln fix [ZEND-5523]

---
 package-lock.json | 4 ++--
 package.json      | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index c578279e..39de052b 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,12 +10,12 @@
       "license": "MIT",
       "dependencies": {
         "@hapi/hoek": "^11.0.4",
-        "axios": "^1.6.2",
+        "axios": "^1.7.7",
         "bluebird": "^3.7.2",
         "callsites": "^3.1.0",
         "cardinal": "^2.1.1",
         "chalk": "^4.0.0",
-        "contentful-management": "^11.15.0",
+        "contentful-management": "^11.35.1",
         "didyoumean2": "^5.0.0",
         "https-proxy-agent": "^5.0.0",
         "inquirer": "^8.1.2",
diff --git a/package.json b/package.json
index 9ce017d7..191748dc 100644
--- a/package.json
+++ b/package.json
@@ -52,12 +52,12 @@
   ],
   "dependencies": {
     "@hapi/hoek": "^11.0.4",
-    "axios": "^1.6.2",
+    "axios": "^1.7.7",
     "bluebird": "^3.7.2",
     "callsites": "^3.1.0",
     "cardinal": "^2.1.1",
     "chalk": "^4.0.0",
-    "contentful-management": "^11.15.0",
+    "contentful-management": "^11.35.1",
     "didyoumean2": "^5.0.0",
     "https-proxy-agent": "^5.0.0",
     "inquirer": "^8.1.2",

From 77b4788fba0a40fe463cd8228bd5126848ce1ba3 Mon Sep 17 00:00:00 2001
From: Bob Hemphill <robert.hemphill@contentful.com>
Date: Thu, 24 Oct 2024 09:57:24 -0600
Subject: [PATCH 3/3] fix: no-op bump contentful management, axios [ZEND-5523]