@izak0s/mplusqapi-node 1.1.2 → 1.2.0

package/README.md

@@ -29,9 +29,10 @@ npm install @izak0s/mplusqapi-node
 ```
 
 **Runtime dependencies:**
-- [`axios`](https://github.com/axios/axios) — HTTP transport
 - [`fast-xml-parser`](https://github.com/NaturalIntelligence/fast-xml-parser) — XML parsing
 
+HTTP uses the built-in `node:https` module — no HTTP client dependency.
+
 ---
 
 ## Quick Start
@@ -84,7 +85,6 @@ const client = new MplusKassaClient({
   port: Number(process.env.MPLUS_PORT!),
   ident: process.env.MPLUS_IDENT!,
   secret: process.env.MPLUS_SECRET!,
-  rejectUnauthorized: false, // set to false for self-signed certs (e.g. local test servers)
 });
 ```
 
@@ -95,7 +95,6 @@ const client = new MplusKassaClient({
 | `timeout` | `30` | Request timeout in seconds |
 | `maxRetries` | `3` | Retry attempts on retryable transport errors (see below; SOAP faults are never retried) |
 | `retryDelay` | `500` | Base retry delay in ms, doubled per attempt (exponential backoff with jitter) |
-| `rejectUnauthorized` | `true` | Set `false` to accept self-signed TLS certificates |
 | `timezone` | `'Europe/Amsterdam'` | IANA zone used to interpret/emit the API's wall-clock date structs (see [Dates](#dates)) |
 | `signal` | — | `AbortSignal` to cancel all in-flight requests from this client (e.g. on shutdown) |
 
@@ -303,7 +302,7 @@ src/
   index.ts              Public exports
   errors.ts             Error hierarchy
   soap.ts               Envelope builder, response parser, serializers
-  transport.ts          HTTP client (axios)
+  transport.ts          HTTP client (node:https), retries, error mapping
   generated/            Auto-generated — do not edit manually
     types.ts            TypeScript interfaces and string union enums
     serializer.ts       TS objects → SOAP XML

package/dist/index.d.mts

@@ -9,8 +9,6 @@ interface TransportOptions {
     maxRetries?: number;
     /** Base retry delay in ms (exponential backoff). Default: 500. */
     retryDelay?: number;
-    /** Disable TLS certificate validation (not recommended in production). */
-    rejectUnauthorized?: boolean;
     /**
      * IANA time zone used to interpret/emit the API's wall-clock date structs.
      * Default: 'Europe/Amsterdam'. Process-wide — see setTimeZone in soap.ts.

package/dist/index.d.ts

@@ -9,8 +9,6 @@ interface TransportOptions {
     maxRetries?: number;
     /** Base retry delay in ms (exponential backoff). Default: 500. */
     retryDelay?: number;
-    /** Disable TLS certificate validation (not recommended in production). */
-    rejectUnauthorized?: boolean;
     /**
      * IANA time zone used to interpret/emit the API's wall-clock date structs.
      * Default: 'Europe/Amsterdam'. Process-wide — see setTimeZone in soap.ts.

package/dist/index.js

@@ -1,9 +1,7 @@
 "use strict";
-var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -17,14 +15,6 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/index.ts
@@ -48,7 +38,6 @@ module.exports = __toCommonJS(index_exports);
 var import_node_crypto = require("crypto");
 
 // src/transport.ts
-var import_axios = __toESM(require("axios"));
 var import_node_https = require("https");
 
 // src/errors.ts
@@ -246,29 +235,63 @@ function toArray(val) {
 
 // src/transport.ts
 var SAFE_RETRY_CODES = /* @__PURE__ */ new Set(["ECONNREFUSED", "ENOTFOUND", "EAI_AGAIN", "EHOSTUNREACH", "ENETUNREACH"]);
+function abortError() {
+  const e = new Error("Request aborted");
+  e.code = "ABORT_ERR";
+  return e;
+}
+var keepAliveAgent = new import_node_https.Agent({ keepAlive: true });
+var nodeHttpsClient = (req) => new Promise((resolve, reject) => {
+  const url = new URL(req.url);
+  const clientReq = (0, import_node_https.request)(
+    {
+      method: "POST",
+      hostname: url.hostname,
+      port: url.port,
+      path: url.pathname + url.search,
+      agent: keepAliveAgent,
+      headers: { ...req.headers, "Content-Length": Buffer.byteLength(req.body) }
+    },
+    (res) => {
+      const chunks = [];
+      res.on("data", (c) => chunks.push(c));
+      res.on("end", () => resolve({ status: res.statusCode ?? 0, body: Buffer.concat(chunks).toString("utf8") }));
+    }
+  );
+  clientReq.on("error", reject);
+  if (req.timeoutMs > 0) {
+    clientReq.setTimeout(req.timeoutMs, () => {
+      const e = new Error(`Request timed out after ${req.timeoutMs}ms`);
+      e.code = "ETIMEDOUT";
+      clientReq.destroy(e);
+    });
+  }
+  if (req.signal) {
+    if (req.signal.aborted) {
+      clientReq.destroy(abortError());
+    } else {
+      req.signal.addEventListener("abort", () => clientReq.destroy(abortError()), { once: true });
+    }
+  }
+  clientReq.write(req.body);
+  clientReq.end();
+});
 var SoapTransport = class {
-  constructor(options) {
+  constructor(options, httpClient = nodeHttpsClient) {
     if (options.timezone !== void 0) {
       setTimeZone(options.timezone);
     }
-    const scheme = "https";
-    this.endpoint = `${scheme}://${options.host}:${options.port}/`;
+    const query = new URLSearchParams({ ident: options.ident, secret: options.secret });
+    this.url = `https://${options.host}:${options.port}/?${query.toString()}`;
+    this.baseHeaders = {
+      "Content-Type": "text/xml; charset=utf-8",
+      "User-Agent": "mplusqapi-node"
+    };
+    this.timeoutMs = (options.timeout ?? 30) * 1e3;
     this.maxRetries = options.maxRetries ?? 3;
     this.retryDelay = options.retryDelay ?? 500;
     this.signal = options.signal;
-    this.http = import_axios.default.create({
-      baseURL: this.endpoint,
-      params: { ident: options.ident, secret: options.secret },
-      headers: {
-        "Content-Type": "text/xml; charset=utf-8",
-        "User-Agent": "mplusqapi-node/1.0.0"
-      },
-      httpsAgent: options.rejectUnauthorized === false ? new import_node_https.Agent({ rejectUnauthorized: false }) : void 0,
-      timeout: (options.timeout ?? 30) * 1e3,
-      // The body is always XML — never let axios JSON-parse it.
-      responseType: "text",
-      signal: options.signal
-    });
+    this.httpClient = httpClient;
   }
   async send(operationName, xmlRequest, requestId, idempotent = false) {
     const rid = requestId ?? `mpac_${Date.now()}_${Math.random().toString(36).slice(2)}`;
@@ -301,57 +324,53 @@ var SoapTransport = class {
     return err.code !== void 0 && SAFE_RETRY_CODES.has(err.code);
   }
   async sendOnce(operationName, xmlRequest, requestId) {
-    const headers = {
-      "SOAPAction": operationName,
-      "X-Request-Id": requestId
-    };
-    let xmlResponse = "";
+    let response;
     try {
-      const response = await this.http.post(
-        this.endpoint,
-        xmlRequest,
-        { headers }
-      );
-      xmlResponse = response.data;
-      return xmlResponse;
+      response = await this.httpClient({
+        url: this.url,
+        headers: {
+          ...this.baseHeaders,
+          "SOAPAction": operationName,
+          "X-Request-Id": requestId
+        },
+        body: xmlRequest,
+        timeoutMs: this.timeoutMs,
+        signal: this.signal
+      });
     } catch (err) {
-      if (import_axios.default.isAxiosError(err)) {
-        xmlResponse = err.response?.data ?? "";
-        if (err.response) {
-          try {
-            const parsed = parseEnvelopeBody(xmlResponse);
-            if ("fault" in parsed) {
-              const { faultcode, faultstring } = parsed.fault;
-              const message = `[${faultcode}] ${operationName}: ${faultstring}`;
-              if (faultcode.startsWith("Client")) {
-                throw new MplusApiClientError(message, faultcode, xmlRequest, xmlResponse);
-              } else if (faultcode.startsWith("Server")) {
-                throw new MplusApiServerError(message, faultcode, xmlRequest, xmlResponse);
-              } else {
-                throw new MplusApiFaultError(message, faultcode, xmlRequest, xmlResponse);
-              }
-            }
-          } catch (parseErr) {
-            if (parseErr instanceof MplusApiClientError || parseErr instanceof MplusApiServerError || parseErr instanceof MplusApiFaultError) {
-              throw parseErr;
-            }
-          }
-          throw new MplusApiCommunicationError(
-            `HTTP ${err.response.status}: ${err.message}`,
-            xmlRequest,
-            xmlResponse,
-            err.code,
-            err.response.status
-          );
+      const code = err.code;
+      const message = err instanceof Error ? err.message : String(err);
+      throw new MplusApiCommunicationError(message, xmlRequest, "", code);
+    }
+    const xmlResponse = response.body;
+    if (response.status >= 200 && response.status < 300) {
+      return xmlResponse;
+    }
+    try {
+      const parsed = parseEnvelopeBody(xmlResponse);
+      if ("fault" in parsed) {
+        const { faultcode, faultstring } = parsed.fault;
+        const message = `[${faultcode}] ${operationName}: ${faultstring}`;
+        if (faultcode.startsWith("Client")) {
+          throw new MplusApiClientError(message, faultcode, xmlRequest, xmlResponse);
+        } else if (faultcode.startsWith("Server")) {
+          throw new MplusApiServerError(message, faultcode, xmlRequest, xmlResponse);
+        } else {
+          throw new MplusApiFaultError(message, faultcode, xmlRequest, xmlResponse);
         }
-        throw new MplusApiCommunicationError(err.message, xmlRequest, xmlResponse, err.code);
       }
-      throw new MplusApiCommunicationError(
-        err instanceof Error ? err.message : String(err),
-        xmlRequest,
-        xmlResponse
-      );
+    } catch (parseErr) {
+      if (parseErr instanceof MplusApiClientError || parseErr instanceof MplusApiServerError || parseErr instanceof MplusApiFaultError) {
+        throw parseErr;
+      }
     }
+    throw new MplusApiCommunicationError(
+      `HTTP ${response.status}`,
+      xmlRequest,
+      xmlResponse,
+      void 0,
+      response.status
+    );
   }
 };
 

package/dist/index.mjs

@@ -2,8 +2,7 @@
 import { randomUUID } from "crypto";
 
 // src/transport.ts
-import axios from "axios";
-import { Agent } from "https";
+import { Agent, request as httpsRequest } from "https";
 
 // src/errors.ts
 var MplusApiError = class extends Error {
@@ -200,29 +199,63 @@ function toArray(val) {
 
 // src/transport.ts
 var SAFE_RETRY_CODES = /* @__PURE__ */ new Set(["ECONNREFUSED", "ENOTFOUND", "EAI_AGAIN", "EHOSTUNREACH", "ENETUNREACH"]);
+function abortError() {
+  const e = new Error("Request aborted");
+  e.code = "ABORT_ERR";
+  return e;
+}
+var keepAliveAgent = new Agent({ keepAlive: true });
+var nodeHttpsClient = (req) => new Promise((resolve, reject) => {
+  const url = new URL(req.url);
+  const clientReq = httpsRequest(
+    {
+      method: "POST",
+      hostname: url.hostname,
+      port: url.port,
+      path: url.pathname + url.search,
+      agent: keepAliveAgent,
+      headers: { ...req.headers, "Content-Length": Buffer.byteLength(req.body) }
+    },
+    (res) => {
+      const chunks = [];
+      res.on("data", (c) => chunks.push(c));
+      res.on("end", () => resolve({ status: res.statusCode ?? 0, body: Buffer.concat(chunks).toString("utf8") }));
+    }
+  );
+  clientReq.on("error", reject);
+  if (req.timeoutMs > 0) {
+    clientReq.setTimeout(req.timeoutMs, () => {
+      const e = new Error(`Request timed out after ${req.timeoutMs}ms`);
+      e.code = "ETIMEDOUT";
+      clientReq.destroy(e);
+    });
+  }
+  if (req.signal) {
+    if (req.signal.aborted) {
+      clientReq.destroy(abortError());
+    } else {
+      req.signal.addEventListener("abort", () => clientReq.destroy(abortError()), { once: true });
+    }
+  }
+  clientReq.write(req.body);
+  clientReq.end();
+});
 var SoapTransport = class {
-  constructor(options) {
+  constructor(options, httpClient = nodeHttpsClient) {
     if (options.timezone !== void 0) {
       setTimeZone(options.timezone);
     }
-    const scheme = "https";
-    this.endpoint = `${scheme}://${options.host}:${options.port}/`;
+    const query = new URLSearchParams({ ident: options.ident, secret: options.secret });
+    this.url = `https://${options.host}:${options.port}/?${query.toString()}`;
+    this.baseHeaders = {
+      "Content-Type": "text/xml; charset=utf-8",
+      "User-Agent": "mplusqapi-node"
+    };
+    this.timeoutMs = (options.timeout ?? 30) * 1e3;
     this.maxRetries = options.maxRetries ?? 3;
     this.retryDelay = options.retryDelay ?? 500;
     this.signal = options.signal;
-    this.http = axios.create({
-      baseURL: this.endpoint,
-      params: { ident: options.ident, secret: options.secret },
-      headers: {
-        "Content-Type": "text/xml; charset=utf-8",
-        "User-Agent": "mplusqapi-node/1.0.0"
-      },
-      httpsAgent: options.rejectUnauthorized === false ? new Agent({ rejectUnauthorized: false }) : void 0,
-      timeout: (options.timeout ?? 30) * 1e3,
-      // The body is always XML — never let axios JSON-parse it.
-      responseType: "text",
-      signal: options.signal
-    });
+    this.httpClient = httpClient;
   }
   async send(operationName, xmlRequest, requestId, idempotent = false) {
     const rid = requestId ?? `mpac_${Date.now()}_${Math.random().toString(36).slice(2)}`;
@@ -255,57 +288,53 @@ var SoapTransport = class {
     return err.code !== void 0 && SAFE_RETRY_CODES.has(err.code);
   }
   async sendOnce(operationName, xmlRequest, requestId) {
-    const headers = {
-      "SOAPAction": operationName,
-      "X-Request-Id": requestId
-    };
-    let xmlResponse = "";
+    let response;
     try {
-      const response = await this.http.post(
-        this.endpoint,
-        xmlRequest,
-        { headers }
-      );
-      xmlResponse = response.data;
-      return xmlResponse;
+      response = await this.httpClient({
+        url: this.url,
+        headers: {
+          ...this.baseHeaders,
+          "SOAPAction": operationName,
+          "X-Request-Id": requestId
+        },
+        body: xmlRequest,
+        timeoutMs: this.timeoutMs,
+        signal: this.signal
+      });
     } catch (err) {
-      if (axios.isAxiosError(err)) {
-        xmlResponse = err.response?.data ?? "";
-        if (err.response) {
-          try {
-            const parsed = parseEnvelopeBody(xmlResponse);
-            if ("fault" in parsed) {
-              const { faultcode, faultstring } = parsed.fault;
-              const message = `[${faultcode}] ${operationName}: ${faultstring}`;
-              if (faultcode.startsWith("Client")) {
-                throw new MplusApiClientError(message, faultcode, xmlRequest, xmlResponse);
-              } else if (faultcode.startsWith("Server")) {
-                throw new MplusApiServerError(message, faultcode, xmlRequest, xmlResponse);
-              } else {
-                throw new MplusApiFaultError(message, faultcode, xmlRequest, xmlResponse);
-              }
-            }
-          } catch (parseErr) {
-            if (parseErr instanceof MplusApiClientError || parseErr instanceof MplusApiServerError || parseErr instanceof MplusApiFaultError) {
-              throw parseErr;
-            }
-          }
-          throw new MplusApiCommunicationError(
-            `HTTP ${err.response.status}: ${err.message}`,
-            xmlRequest,
-            xmlResponse,
-            err.code,
-            err.response.status
-          );
+      const code = err.code;
+      const message = err instanceof Error ? err.message : String(err);
+      throw new MplusApiCommunicationError(message, xmlRequest, "", code);
+    }
+    const xmlResponse = response.body;
+    if (response.status >= 200 && response.status < 300) {
+      return xmlResponse;
+    }
+    try {
+      const parsed = parseEnvelopeBody(xmlResponse);
+      if ("fault" in parsed) {
+        const { faultcode, faultstring } = parsed.fault;
+        const message = `[${faultcode}] ${operationName}: ${faultstring}`;
+        if (faultcode.startsWith("Client")) {
+          throw new MplusApiClientError(message, faultcode, xmlRequest, xmlResponse);
+        } else if (faultcode.startsWith("Server")) {
+          throw new MplusApiServerError(message, faultcode, xmlRequest, xmlResponse);
+        } else {
+          throw new MplusApiFaultError(message, faultcode, xmlRequest, xmlResponse);
         }
-        throw new MplusApiCommunicationError(err.message, xmlRequest, xmlResponse, err.code);
       }
-      throw new MplusApiCommunicationError(
-        err instanceof Error ? err.message : String(err),
-        xmlRequest,
-        xmlResponse
-      );
+    } catch (parseErr) {
+      if (parseErr instanceof MplusApiClientError || parseErr instanceof MplusApiServerError || parseErr instanceof MplusApiFaultError) {
+        throw parseErr;
+      }
     }
+    throw new MplusApiCommunicationError(
+      `HTTP ${response.status}`,
+      xmlRequest,
+      xmlResponse,
+      void 0,
+      response.status
+    );
   }
 };
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@izak0s/mplusqapi-node",
-  "version": "1.1.2",
+  "version": "1.2.0",
   "description": "TypeScript client for the MplusKASSA SOAP API",
   "homepage": "https://github.com/izak0s/mplusqapi-node#readme",
   "bugs": {
@@ -57,7 +57,6 @@
     "pack:dry-run": "npm pack --dry-run"
   },
   "dependencies": {
-    "axios": "^1.7.2",
     "fast-xml-parser": "^5.8.0"
   },
   "overrides": {