[Snyk] Security upgrade axios from 1.7.4 to 1.13.5

[djdiptayan1]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• package.json
• yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	Prototype Pollution SNYK-JS-AXIOS-15252993	828

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
githubsrmv2	Ready	Preview, Comment	Feb 17, 2026 10:59am

[coderabbitai]

Important

Review skipped

Ignore keyword(s) in the title.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch snyk-fix-2505aed6b20a22947627de1e6a89255e

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR claims to be a Snyk-generated security upgrade for axios from version 1.7.4 to 1.13.5 to address a high-severity Prototype Pollution vulnerability (SNYK-JS-AXIOS-15252993 with a score of 828). However, there are critical issues with this PR that require immediate attention.

Changes:

• Upgrades axios dependency from ^1.7.3 to ^1.13.5 in package.json
• Updates yarn.lock with new axios version and multiple new transitive dependencies
• Includes undocumented Next.js version updates (14.2.5 → 14.2.35 for @next/env, and various @next/swc packages updated to 14.2.33)

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
package.json	Updates axios version from ^1.7.3 to ^1.13.5
yarn.lock	Updates axios, its dependencies (follow-redirects, form-data), adds multiple new transitive dependencies, and includes undocumented Next.js package updates

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.