Bump the npm_and_yarn group across 1 directory with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the /StudyRoom/StudyRoom.elementui directory: axios and vue.

Updates axios from 0.18.1 to 0.30.3

Release notes

Sourced from axios's releases.

Release notes - v0.30.3

This is a critical security maintenance release for the v0.x branch. It addresses a high-priority vulnerability involving prototype pollution that could lead to a Denial of Service (DoS).

Recommendation: All users currently on the 0.x release line should upgrade to this version immediately to ensure environment stability.

🛡️ Security Fixes

• Backport: Fix DoS via proto key in merge config
  • Patched a vulnerability where specifically crafted configuration objects using the proto key could cause a Denial of Service during the merge process. - by @​FeBe95 in [PR #7388](axios/axios#7388)

⚙️ Maintenance & CI

• CI Infrastructure Update
  • Updated Continuous Integration workflows for the v0.x branch to maintain long-term support and build reliability. - by @​jasonsaayman in [PR #7407](axios/axios#7407)

⚠️ Breaking Changes

Configuration Merging Behavior:

As part of the security fix, Axios now restricts the merging of the proto key within configuration objects. If your codebase relies on unconventional deep-merging patterns that target the object prototype via Axios config, those operations will now be blocked. This is a necessary change to prevent prototype pollution.

Full Changelog: v0.30.2...v0.30.3

v0.30.2

What's Changed

• Backport maxContentLength vulnerability fix to v0.x by @​FeBe95 in axios/axios#7034

New Contributors

• @​FeBe95 made their first contribution in axios/axios#7034

Full Changelog: axios/axios@v0.30.1...v0.30.2

Release v0.30.1

Release notes:

Bug Fixes

• chore(deps): bump form-data from 4.0.0 to 4.0.4 for v0.x by @​wolandec in axios/axios#6978

Contributors to this release

• @​wolandec made their first contribution in axios/axios#6978

Full Changelog: axios/axios@v0.30.0...v0.30.1

Release v0.30.0

Release notes:

Bug Fixes

• fix: modify log while request is aborted by @​mori5321 in axios/axios#4917
• fix: update CHANGELOG.md for v0.x by @​TehZarathustra in axios/axios#6271
• fix: modify upgrade guide for 0.28.1's breaking change by @​nafeger in axios/axios#6787

... (truncated)

Commits

• f53bcf6 chore: release 0.30.2
• 3ddccd3 chore: remove publish as this wont work
• 9ef39d0 chore: try with npm token
• 4775de6 chore: fix version scheme
• f96f26b chore: fix issues with using replace
• ead45c2 chore: update the publish workflow to run on tag
• 8119265 chore: tag version as legacy on v0.x
• 9954985 chore: dispatch for first time
• 3f8b70f chore: final rename
• c665584 chore: revert naming
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.

Updates vue from 2.7.16 to 3.0.0

Changelog

Sourced from vue's changelog.

3.0.0 (2020-09-18)

3.0.0-rc.13 (2020-09-18)

Bug Fixes

• hmr: make hmr working with class components (#2144) (422f05e)
• reactivity: avoid length mutating array methods causing infinite updates (#2138) (f316a33), closes #2137
• suspense: should discard unmount effects of invalidated pending branch (5bfcad1)
• types: component instance inference without props (#2145) (57bdaa2)

Code Refactoring

• watch APIs default to trigger pre-flush (49bb447), closes vuejs/vue-next#1706

Features

• runtime-core: support using inject() inside props default functions (58c31e3)
• watch: support dot-delimited path in watch option (1c9a0b3)

BREAKING CHANGES

• watch APIs now default to use flush: 'pre' instead of flush: 'post'. This change affects watch, watchEffect, the watch component option, and this.$watch. See (49bb447) for more details.

3.0.0-rc.12 (2020-09-16)

Bug Fixes

• reactivity: effect should only recursively self trigger with explicit options (3810de7), closes #2125
• runtime-core: ensure root stable fragments inherit elements for moving (bebd44f), closes #2134
• runtime-core: should still do full traverse of stable fragment children in dev + hmr (dd40ad8)
• runtime-core/async-component: fix error component when there are no error handlers (c7b4a37), closes #2129
• types/tsx: optional props from Mixin/Extends are treated as required (#2048) (89e9ab8)

Features

• compiler-sfc: additionalData support for css preprocessors (#2126) (066d514)

3.0.0-rc.11 (2020-09-15)

... (truncated)

Commits

• See full diff in compare view

Updates follow-redirects from 1.5.10 to 1.15.11

Commits

• 21ef28a Release version 1.15.11 of the npm package.
• 7c88135 Roll back tree shaking.
• 6e389ba Release version 1.15.10 of the npm package.
• 5bc496e Shake me up before you go-go.
• 694d6b4 Bump minimist from 1.2.5 to 1.2.8
• e4e55c7 Release version 1.15.9 of the npm package.
• 31a1abf Attempt much more gentle detection.
• d2aaa97 Fix url field.
• 62558f0 Release version 1.15.8 of the npm package.
• a8d1cee Return subtlety.
• Additional commits viewable in compare view