build(deps): bump axios and start-server-and-test in /client

[dependabot]

Bumps axios and start-server-and-test. These dependencies needed to be updated together.
Updates axios from 0.21.4 to 1.12.1

Release notes

Sourced from axios's releases.

Release v1.12.1

Release notes:

Bug Fixes

• types: fixed env config types; (#7020) (b5f26b7)

Contributors to this release

• Dmitriy Mozgovoy

Release v1.12.0

Release notes:

Bug Fixes

• adding build artifacts (9ec86de)
• dont add dist on release (a2edc36)
• fetch-adapter: set correct Content-Type for Node FormData (#6998) (a9f47af)
• node: enforce maxContentLength for data: URLs (#7011) (945435f)
• package exports (#5627) (aa78ac2)
• params: removing '[' and ']' from URL encode exclude characters (#3316) (#5715) (6d84189)
• release pr run (fd7f404)
• types: change the type guard on isCancel (#5595) (0dbb7fd)

Features

• adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
• fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
• support reviver on JSON.parse (#5926) (2a97634), closes #5924
• types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

• Willian Agostini
• Dmitriy Mozgovoy
• khani
• Ameer Assadi
• Emiedonmokumo Dick-Boro
• Zeroday BYTE
• Jason Saayman
• 최예찬
• Gligor Kotushevski
• Aleksandar Dimitrov

Release v1.11.0

Release notes:

Bug Fixes

• form-data npm pakcage (#6970) (e72c193)
• prevent RangeError when using large Buffers (#6961) (a2214ca)

... (truncated)

Changelog

Sourced from axios's changelog.

1.12.1 (2025-09-12)

Bug Fixes

• types: fixed env config types; (#7020) (b5f26b7)

Contributors to this release

• Dmitriy Mozgovoy

1.12.0 (2025-09-11)

Bug Fixes

• adding build artifacts (9ec86de)
• dont add dist on release (a2edc36)
• fetch-adapter: set correct Content-Type for Node FormData (#6998) (a9f47af)
• node: enforce maxContentLength for data: URLs (#7011) (945435f)
• package exports (#5627) (aa78ac2)
• params: removing '[' and ']' from URL encode exclude characters (#3316) (#5715) (6d84189)
• release pr run (fd7f404)
• types: change the type guard on isCancel (#5595) (0dbb7fd)

Features

• adapter: surface low‑level network error details; attach original error via cause (#6982) (78b290c)
• fetch: add fetch, Request, Response env config variables for the adapter; (#7003) (c959ff2)
• support reviver on JSON.parse (#5926) (2a97634), closes #5924
• types: extend AxiosResponse interface to include custom headers type (#6782) (7960d34)

Contributors to this release

• Willian Agostini
• Dmitriy Mozgovoy
• khani
• Ameer Assadi
• Emiedonmokumo Dick-Boro
• Zeroday BYTE
• Jason Saayman
• 최예찬
• Gligor Kotushevski
• Aleksandar Dimitrov

1.11.0 (2025-07-22)

Bug Fixes

... (truncated)

Commits

• 3cac78c chore(release): v1.12.1 (#7021)
• b5f26b7 fix(types): fixed env config types; (#7020)
• 0d8ad6e chore(release): v1.12.0 (#7013)
• fd7f404 fix: release pr run
• a2edc36 fix: dont add dist on release
• 9ec86de fix: adding build artifacts
• 945435f fix(node): enforce maxContentLength for data: URLs (#7011)
• 28e5e30 chore(sponsor): update sponsor block (#7005)
• d03f245 chore(CI): fixed release info script to use npm registry instead of git as fi...
• a0bc911 chore: removing dist files from src (#7002)
• Additional commits viewable in compare view

Updates start-server-and-test from 1.14.0 to 2.1.0

Release notes

Sourced from start-server-and-test's releases.

v2.1.0

2.1.0 (2025-09-04)

Features

• support axios proxy (#402) (b399fec)

v2.0.13

2.0.13 (2025-08-03)

Bug Fixes

• deps: update dependency wait-on to v8.0.4 (#405) (6385e1d)

v2.0.12

2.0.12 (2025-05-15)

Bug Fixes

• deps: update dependency debug to v4.4.1 (#403) (b3b82c0)

v2.0.11

2.0.11 (2025-03-13)

Bug Fixes

• deps: update dependency wait-on to v8.0.3 (#400) (005ee08)

v2.0.10

2.0.10 (2025-01-14)

Bug Fixes

• deps: update dependency wait-on to v8.0.2 (#399) (a514875)

v2.0.9

2.0.9 (2024-12-11)

Bug Fixes

• deps: update dependency debug to v4.4.0 (#397) (0f057d7)

v2.0.8

2.0.8 (2024-09-16)

... (truncated)

Commits

• b399fec feat: support axios proxy (#402)
• 6385e1d fix(deps): update dependency wait-on to v8.0.4 (#405)
• b3b82c0 fix(deps): update dependency debug to v4.4.1 (#403)
• 005ee08 fix(deps): update dependency wait-on to v8.0.3 (#400)
• a514875 fix(deps): update dependency wait-on to v8.0.2 (#399)
• 0f057d7 fix(deps): update dependency debug to v4.4.0 (#397)
• fe1c25d fix(deps): update dependency wait-on to v8.0.1
• d814a72 fix(deps): update dependency wait-on to v8 (#386)
• 78c6f53 fix(deps): update dependency debug to v4.3.7
• 8ebb70b fix(deps): update dependency debug to v4.3.6
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[TheRedHatter]

Checkmarx One – Scan Summary & Details – 1e718c72-3faf-4dc5-98fa-0730523124fc

New Issues (4)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	Client_HTML5_Insecure_Storage	/client/src/pages/main/Contact.tsx: 18	details The application stores data setItem on the client, in an insecure manner, at line 14 of /client/src/api/makeApiRequest.ts. ID: uiK52hD26OkcWZgBOsJ25UlWgLY%3D Attack Vector
	Client_HTML5_Insecure_Storage	/client/src/pages/main/Contact.tsx: 15	details The application stores data setItem on the client, in an insecure manner, at line 14 of /client/src/api/makeApiRequest.ts. ID: JZDg45NluuE%2FqR%2Bp%2BWCS0x1tZLA%3D Attack Vector
	Client_HTML5_Insecure_Storage	/client/src/pages/main/Contact.tsx: 16	details The application stores data setItem on the client, in an insecure manner, at line 14 of /client/src/api/makeApiRequest.ts. ID: %2BtI6gXdp3CQHT6EvDNvc%2FI39dCw%3D Attack Vector
	Client_HTML5_Insecure_Storage	/client/src/pages/main/Contact.tsx: 17	details The application stores data setItem on the client, in an insecure manner, at line 14 of /client/src/api/makeApiRequest.ts. ID: TRaxCrq1rJuovIK6EiRB0NFsaXc%3D Attack Vector

Fixed Issues (5)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	CVE-2022-46175	Npm-json5-2.2.0
	CVE-2023-45133	Npm-@babel/traverse-7.16.3
	CVE-2025-45767	Npm-jose-4.13.1
	Cxc7705965-e0f0	Npm-@babel/core-7.12.3
	CVE-2023-26159	Npm-follow-redirects-1.14.8

---

Use @Checkmarx to reach out to us for assistance.

Just send a PR comment with @Checkmarx followed by a natural language request.

Examples: @Checkmarx how are you able to help me? @Checkmarx rescan this PR