Bump axios and arweave in /test

[dependabot[bot]]

Removes axios. It's no longer used after updating ancestor dependency arweave. These dependencies need to be updated together.

Removes axios

Updates arweave from 1.10.23 to 1.14.4

Release notes

Sourced from arweave's releases.

Potentially breaking fix

Patch includes:

1. README edits
2. New argument check for node-driver hash function.

Point 2 enforces not using strings in nodejs environments without type-checking (e.g. SW contracts).

Meaning: don’t allow string as data argument for hash(data: Uint8Array, algorithm?: string): Promise<Uint8Array>;

This ensures both code portability for browser execution, and future proofing against arweave-js upgrading to use NodeJS Web Crypto API.

Fix error handling

This maintenance release closes 4 long standing open issues:

• TypeError: Cannot read properties of undefined (reading 'replace') occurred when no wallet was found to sign transactions. We now do some jwk checks and close a logic opening which would result in an undefined object being treated as a jwk object, and return a more meaningful error.
• arweave.api now decodes retrieved text txs with specified charset in it's Content-Type header (as opposed to defaulting all text to UTF-8).
• Throw an error when getPrice receives a bad response from the server.
• Throw an error when getTransactionAnchor receives a bad response from the server.

v1.13.0

Arweave.init changes

• improved host detection
• clips off subdomain so that ArNS domains can use the gateway

Arweave.api

• expose web stream

v1.12.4

Release Notes

This update allows arweave-js to run in modern environments such as Chrome Extension Manifest V3.

Rationale: It seems like the industry is moving towards dropping the original XmlHttpRequest API in favour of Fetch API. Examples include the above browser extensions standard and web workers, which only support Fetch API.

Why not add a package like node-fetch? To simplify, rather than adding more complications to our inherited code, but PRs welcome.

Added dependency

Fetch API. Available in all modern browsers. Available as standard since node v18+ (*opt-in experimental since node v16.5).

Removed dependencies

Axios, node:utils (polyfill)

*Notes for NodeJS v16.5 - v17

To run with node v16.5+, you need to specify the --experimental-fetch flag in your app.

Examples

These can be added to your packages.json start script, or Dockerfile entrypoint

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.