[Snyk] Security upgrade axios from 1.15.0 to 1.15.2

[chirag-madlani]

Snyk has created this PR to fix 12 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• openmetadata-ui/src/main/resources/ui/package.json
• openmetadata-ui/src/main/resources/ui/yarn.lock

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

Vulnerabilities that will be fixed with an upgrade:

	Issue
	Incomplete List of Disallowed Inputs SNYK-JS-AXIOS-16298046
	Improper Encoding or Escaping of Output SNYK-JS-AXIOS-16298055
	HTTP Response Splitting SNYK-JS-AXIOS-16298058
	Server-side Request Forgery (SSRF) SNYK-JS-AXIOS-16298095
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-16298130
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-16298162
	Insertion of Sensitive Information Into Sent Data SNYK-JS-AXIOS-16299478
	CRLF Injection SNYK-JS-AXIOS-16299819
	Prototype Pollution SNYK-JS-AXIOS-16299904
	Improperly Controlled Modification of Dynamically-Determined Object Attributes SNYK-JS-AXIOS-16299921
	Uncontrolled Recursion SNYK-JS-AXIOS-16299923
	Prototype Pollution SNYK-JS-AXIOS-16299925

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Improper Encoding or Escaping of Output
🦉 Server-side Request Forgery (SSRF)
🦉 Allocation of Resources Without Limits or Throttling
🦉 More lessons are available in Snyk Learn

[gitar-bot]

Code Review ✅ Approved

Security upgrade of axios to version 1.15.2 addresses identified vulnerabilities. No issues found.

Options

Display: compact → Showing less information.

Comment with these commands to change:

Compact

gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[github-actions]

❌ UI Checkstyle Failed

❌ ESLint + Prettier + Organise Imports (src)

One or more source files have linting or formatting issues.

❌ Licence Header

One or more files are missing or have an outdated Apache 2.0 licence header.

❌ I18n Sync

Translation locale files are out of sync with en-us.json.

❌ App Docs

Generated application docs are stale and need to be regenerated.

❌ Playwright — ESLint + Prettier + Organise Imports

One or more Playwright test files have linting or formatting issues.

---

Fix locally (fast — only checks files changed in this branch):

make ui-checkstyle-changed