npm - @tryghost/content-api - Versions diffs - 1.11.20 → 1.11.21 - Mend

@tryghost/content-api 1.11.20 → 1.11.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/cjs/content-api.js +8 -8
package/es/content-api.js +79 -60
package/es/content-api.js.map +1 -1
package/package.json +8 -8
package/umd/content-api.min.js +1 -1
package/umd/content-api.min.js.map +1 -1

package/cjs/content-api.js CHANGED Viewed

@@ -3,7 +3,7 @@
 var axios = require('axios');
 var name$1 = "@tryghost/content-api";
-var version = "1.11.20";
+var version = "1.11.21";
 var repository = "https://github.com/TryGhost/SDK/tree/main/packages/content-api";
 var author = "Ghost Foundation";
 var license = "MIT";
@@ -32,14 +32,14 @@ var publishConfig = {
 	access: "public"
 };
 var devDependencies = {
-	"@babel/core": "7.23.3",
+	"@babel/core": "7.24.4",
 	"@babel/polyfill": "7.12.1",
-	"@babel/preset-env": "7.23.3",
-	"@rollup/plugin-json": "6.0.1",
-	c8: "8.0.1",
-	"core-js": "3.33.2",
+	"@babel/preset-env": "7.24.4",
+	"@rollup/plugin-json": "6.1.0",
+	c8: "9.1.0",
+	"core-js": "3.37.0",
 	"eslint-plugin-ghost": "3.4.0",
-	mocha: "10.2.0",
+	mocha: "10.4.0",
 	rollup: "2.79.1",
 	"rollup-plugin-babel": "4.4.0",
 	"rollup-plugin-commonjs": "10.1.0",
@@ -53,7 +53,7 @@ var devDependencies = {
 var dependencies = {
 	axios: "^1.0.0"
 };
-var gitHead = "4839d3f97de2120d98fa47677eed7591dfa20e64";
+var gitHead = "048ccde4bd78d2dcd60e778d03eb8dc3227cece5";
 var packageInfo = {
 	name: name$1,
 	version: version,

package/es/content-api.js CHANGED Viewed

@@ -1349,6 +1349,9 @@ function arrayToObject(arr) {
 function formDataToJSON(formData) {
   function buildPath(path, value, target, index) {
     let name = path[index++];
+    if (name === '__proto__') return true;
     const isNumericKey = Number.isFinite(+name);
     const isLast = index >= path.length;
     name = !name && utils$1.isArray(target) ? target.length : name;
@@ -1432,9 +1435,6 @@ const defaults = {
     const isFormData = utils$1.isFormData(data);
     if (isFormData) {
-      if (!hasJSONContentType) {
-        return data;
-      }
       return hasJSONContentType ? JSON.stringify(formDataToJSON(data)) : data;
     }
@@ -1957,51 +1957,42 @@ function settle(resolve, reject, response) {
 var cookies = platform.hasStandardBrowserEnv ?
-// Standard browser envs support document.cookie
-  (function standardBrowserEnv() {
-    return {
-      write: function write(name, value, expires, path, domain, secure) {
-        const cookie = [];
-        cookie.push(name + '=' + encodeURIComponent(value));
+  // Standard browser envs support document.cookie
+  {
+    write(name, value, expires, path, domain, secure) {
+      const cookie = [name + '=' + encodeURIComponent(value)];
-        if (utils$1.isNumber(expires)) {
-          cookie.push('expires=' + new Date(expires).toGMTString());
-        }
+      utils$1.isNumber(expires) && cookie.push('expires=' + new Date(expires).toGMTString());
-        if (utils$1.isString(path)) {
-          cookie.push('path=' + path);
-        }
+      utils$1.isString(path) && cookie.push('path=' + path);
-        if (utils$1.isString(domain)) {
-          cookie.push('domain=' + domain);
-        }
+      utils$1.isString(domain) && cookie.push('domain=' + domain);
-        if (secure === true) {
-          cookie.push('secure');
-        }
+      secure === true && cookie.push('secure');
-        document.cookie = cookie.join('; ');
-      },
+      document.cookie = cookie.join('; ');
+    },
-      read: function read(name) {
-        const match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
-        return (match ? decodeURIComponent(match[3]) : null);
-      },
+    read(name) {
+      const match = document.cookie.match(new RegExp('(^|;\\s*)(' + name + ')=([^;]*)'));
+      return (match ? decodeURIComponent(match[3]) : null);
+    },
-      remove: function remove(name) {
-        this.write(name, '', Date.now() - 86400000);
-      }
-    };
-  })() :
+    remove(name) {
+      this.write(name, '', Date.now() - 86400000);
+    }
+  }
-// Non standard browser env (web workers, react-native) lack needed support.
-  (function nonStandardBrowserEnv() {
-    return {
-      write: function write() {},
-      read: function read() { return null; },
-      remove: function remove() {}
-    };
-  })();
+  :
+  // Non-standard browser env (web workers, react-native) lack needed support.
+  {
+    write() {},
+    read() {
+      return null;
+    },
+    remove() {}
+  };
 /**
  * Determines whether the specified URL is absolute
@@ -2027,7 +2018,7 @@ function isAbsoluteURL(url) {
  */
 function combineURLs(baseURL, relativeURL) {
   return relativeURL
-    ? baseURL.replace(/\/+$/, '') + '/' + relativeURL.replace(/^\/+/, '')
+    ? baseURL.replace(/\/?\/$/, '') + '/' + relativeURL.replace(/^\/+/, '')
     : baseURL;
 }
@@ -2058,7 +2049,7 @@ var isURLSameOrigin = platform.hasStandardBrowserEnv ?
     let originURL;
     /**
-    * Parse a URL to discover it's components
+    * Parse a URL to discover its components
     *
     * @param {String} url The URL to be parsed
     * @returns {Object}
@@ -2203,7 +2194,7 @@ var xhrAdapter = isXHRAdapterSupported && function (config) {
   return new Promise(function dispatchXhrRequest(resolve, reject) {
     let requestData = config.data;
     const requestHeaders = AxiosHeaders$1.from(config.headers).normalize();
-    const responseType = config.responseType;
+    let {responseType, withXSRFToken} = config;
     let onCanceled;
     function done() {
       if (config.cancelToken) {
@@ -2339,13 +2330,16 @@ var xhrAdapter = isXHRAdapterSupported && function (config) {
     // Add xsrf header
     // This is only done if running in a standard browser environment.
     // Specifically not if we're in a web worker, or react-native.
-    if (platform.hasStandardBrowserEnv) {
-      // Add xsrf header
-      // regarding CVE-2023-45857 config.withCredentials condition was removed temporarily
-      const xsrfValue = isURLSameOrigin(fullPath) && config.xsrfCookieName && cookies.read(config.xsrfCookieName);
+    if(platform.hasStandardBrowserEnv) {
+      withXSRFToken && utils$1.isFunction(withXSRFToken) && (withXSRFToken = withXSRFToken(config));
+      if (withXSRFToken || (withXSRFToken !== false && isURLSameOrigin(fullPath))) {
+        // Add xsrf header
+        const xsrfValue = config.xsrfHeaderName && config.xsrfCookieName && cookies.read(config.xsrfCookieName);
-      if (xsrfValue) {
-        requestHeaders.set(config.xsrfHeaderName, xsrfValue);
+        if (xsrfValue) {
+          requestHeaders.set(config.xsrfHeaderName, xsrfValue);
+        }
       }
     }
@@ -2556,7 +2550,7 @@ function dispatchRequest(config) {
   });
 }
-const headersToObject = (thing) => thing instanceof AxiosHeaders$1 ? thing.toJSON() : thing;
+const headersToObject = (thing) => thing instanceof AxiosHeaders$1 ? { ...thing } : thing;
 /**
  * Config-specific merge-function which creates a new config-object
@@ -2628,6 +2622,7 @@ function mergeConfig(config1, config2) {
     timeout: defaultToConfig2,
     timeoutMessage: defaultToConfig2,
     withCredentials: defaultToConfig2,
+    withXSRFToken: defaultToConfig2,
     adapter: defaultToConfig2,
     responseType: defaultToConfig2,
     xsrfCookieName: defaultToConfig2,
@@ -2657,7 +2652,7 @@ function mergeConfig(config1, config2) {
   return config;
 }
-const VERSION = "1.6.1";
+const VERSION = "1.6.8";
 const validators$1 = {};
@@ -2772,7 +2767,31 @@ class Axios {
    *
    * @returns {Promise} The Promise to be fulfilled
    */
-  request(configOrUrl, config) {
+  async request(configOrUrl, config) {
+    try {
+      return await this._request(configOrUrl, config);
+    } catch (err) {
+      if (err instanceof Error) {
+        let dummy;
+        Error.captureStackTrace ? Error.captureStackTrace(dummy = {}) : (dummy = new Error());
+        // slice off the Error: ... line
+        const stack = dummy.stack ? dummy.stack.replace(/^.+\n/, '') : '';
+        if (!err.stack) {
+          err.stack = stack;
+          // match without the 2 top stack lines
+        } else if (stack && !String(err.stack).endsWith(stack.replace(/^.+\n.+\n/, ''))) {
+          err.stack += '\n' + stack;
+        }
+      }
+      throw err;
+    }
+  }
+  _request(configOrUrl, config) {
     /*eslint no-param-reassign:0*/
     // Allow for axios('example/url'[, config]) a la fetch API
     if (typeof configOrUrl === 'string') {
@@ -3236,7 +3255,7 @@ axios.default = axios;
 var axios$1 = axios;
 var name$1 = "@tryghost/content-api";
-var version = "1.11.20";
+var version = "1.11.21";
 var repository = "https://github.com/TryGhost/SDK/tree/main/packages/content-api";
 var author = "Ghost Foundation";
 var license = "MIT";
@@ -3265,14 +3284,14 @@ var publishConfig = {
 	access: "public"
 };
 var devDependencies = {
-	"@babel/core": "7.23.3",
+	"@babel/core": "7.24.4",
 	"@babel/polyfill": "7.12.1",
-	"@babel/preset-env": "7.23.3",
-	"@rollup/plugin-json": "6.0.1",
-	c8: "8.0.1",
-	"core-js": "3.33.2",
+	"@babel/preset-env": "7.24.4",
+	"@rollup/plugin-json": "6.1.0",
+	c8: "9.1.0",
+	"core-js": "3.37.0",
 	"eslint-plugin-ghost": "3.4.0",
-	mocha: "10.2.0",
+	mocha: "10.4.0",
 	rollup: "2.79.1",
 	"rollup-plugin-babel": "4.4.0",
 	"rollup-plugin-commonjs": "10.1.0",
@@ -3286,7 +3305,7 @@ var devDependencies = {
 var dependencies = {
 	axios: "^1.0.0"
 };
-var gitHead = "4839d3f97de2120d98fa47677eed7591dfa20e64";
+var gitHead = "048ccde4bd78d2dcd60e778d03eb8dc3227cece5";
 var packageInfo = {
 	name: name$1,
 	version: version,