@vex-chat/libvex 6.6.1 → 6.6.3

package/src/__tests__/harness/shared-suite.ts

@@ -32,8 +32,7 @@ import type { Storage } from "../../Storage.js";
 
 import { getCryptoProfile, setCryptoProfile } from "@vex-chat/crypto";
 
-import { isAxiosError } from "axios";
-
+import { isHttpError } from "../../http.js";
 import { Client } from "../../index.js";
 
 import { testFile, testImage } from "./fixtures.js";
@@ -394,6 +393,37 @@ export function platformSuite(
             expect(new Uint8Array(fetched!.data)).toEqual(testFile);
         });
 
+        test("file upload + download via JSON fallback path", async () => {
+            const globalWithFormData = globalThis as typeof globalThis & {
+                FormData?: unknown;
+            };
+            const originalFormData = globalWithFormData.FormData;
+            Object.defineProperty(globalThis, "FormData", {
+                configurable: true,
+                enumerable: true,
+                value: undefined,
+                writable: true,
+            });
+            try {
+                const [details, key] = await client.files.create(testFile);
+                expect(details.fileID).toBeTruthy();
+
+                const fetched = await client.files.retrieve(
+                    details.fileID,
+                    key,
+                );
+                expect(fetched).toBeTruthy();
+                expect(new Uint8Array(fetched!.data)).toEqual(testFile);
+            } finally {
+                Object.defineProperty(globalThis, "FormData", {
+                    configurable: true,
+                    enumerable: true,
+                    value: originalFormData,
+                    writable: true,
+                });
+            }
+        });
+
         test("emoji upload", async () => {
             const server = await client.servers.create("Emoji Test Server");
             const emoji = await client.emoji.create(
@@ -685,7 +715,7 @@ async function withTransientRetry<T>(fn: () => Promise<T>): Promise<T> {
         } catch (e) {
             last = e;
             const transient =
-                isAxiosError(e) &&
+                isHttpError(e) &&
                 (e.response?.status === 502 || e.response?.status === 503);
             if (transient && i < attempts - 1) {
                 await new Promise((r) => setTimeout(r, 400 * (i + 1)));

package/src/__tests__/http.test.ts

@@ -0,0 +1,98 @@
+/**
+ * Copyright (c) 2020-2026 Vex Heavy Industries LLC
+ * Licensed under AGPL-3.0. See LICENSE for details.
+ * Commercial licenses available at vex.wtf
+ */
+
+import { afterEach, describe, expect, it } from "vitest";
+
+import { createFetchHttpClient, isHttpError } from "../http.js";
+
+const originalFetch = globalThis.fetch;
+
+afterEach(() => {
+    globalThis.fetch = originalFetch;
+});
+
+describe("FetchHttpClient", () => {
+    it("preserves status metadata for empty JSON error responses", async () => {
+        globalThis.fetch = () =>
+            Promise.resolve(
+                new Response(null, {
+                    status: 401,
+                    statusText: "Unauthorized",
+                }),
+            );
+
+        const client = createFetchHttpClient();
+        const err = await captureError(() =>
+            client.post(
+                "https://example.test/device/id/notifications",
+                {},
+                { responseType: "json" },
+            ),
+        );
+
+        expect(isHttpError(err)).toBe(true);
+        if (!isHttpError(err)) {
+            throw err;
+        }
+        expect(err.response?.status).toBe(401);
+        expect(err.response?.statusText).toBe("Unauthorized");
+        expect(err.response?.data).toBeNull();
+        expect(err.config.method).toBe("POST");
+    });
+
+    it("preserves status metadata for non-JSON error responses", async () => {
+        globalThis.fetch = () =>
+            Promise.resolve(
+                new Response("plain failure", {
+                    headers: { "Content-Type": "text/plain" },
+                    status: 400,
+                    statusText: "Bad Request",
+                }),
+            );
+
+        const client = createFetchHttpClient();
+        const err = await captureError(() =>
+            client.get("https://example.test/status", {
+                responseType: "json",
+            }),
+        );
+
+        expect(isHttpError(err)).toBe(true);
+        if (!isHttpError(err)) {
+            throw err;
+        }
+        expect(err.response?.status).toBe(400);
+        expect(err.response?.data).toBe("plain failure");
+    });
+
+    it("emits a final upload progress event for FormData payloads", async () => {
+        globalThis.fetch = () =>
+            Promise.resolve(new Response(new ArrayBuffer(0), { status: 200 }));
+
+        const client = createFetchHttpClient();
+        const events: { loaded: number; total?: number }[] = [];
+        const payload = new FormData();
+        payload.set("file", new Blob([new Uint8Array([1, 2, 3])]));
+        payload.set("name", "ok");
+
+        await client.post("https://example.test/file", payload, {
+            onUploadProgress: (event) => {
+                events.push(event);
+            },
+        });
+
+        expect(events).toEqual([{ loaded: 5, total: 5 }]);
+    });
+});
+
+async function captureError(fn: () => Promise<unknown>): Promise<unknown> {
+    try {
+        await fn();
+    } catch (err: unknown) {
+        return err;
+    }
+    throw new Error("Expected function to throw");
+}

package/src/codec.ts

@@ -59,7 +59,7 @@ function msgpackDecode(data: Uint8Array): unknown {
 /**
  * Encode a value to msgpack. Returns a fresh Uint8Array copy
  * (not a subarray of the internal pool buffer) to avoid browser
- * XMLHttpRequest.send() corruption (axios issue #4068).
+ * transport corruption when a runtime reuses pooled buffers.
  */
 function msgpackEncode(value: unknown): Uint8Array {
     const packed = _packr.encode(value);

package/src/codecs.ts

@@ -8,7 +8,7 @@
  * Pre-built codec instances for every HTTP response type.
  *
  * Usage: import { UserCodec } from "./codecs.js";
- *        const data = decodeAxios(UserCodec, res.data);
+ *        const data = decodeHttpResponse(UserCodec, res.data);
  *
  * decode() returns typed data without runtime validation (SDK trusts server).
  * For trust boundary validation, use codec.decodeSafe() directly.
@@ -190,18 +190,15 @@ export const PasskeyAuthFinishResponseCodec = createCodec(
     }),
 );
 
-// ── Helper: decode axios response buffer ────────────────────────────────────
+// ── Helper: decode binary HTTP response buffer ──────────────────────────────
 
 /**
- * Decode an axios arraybuffer response with a typed codec.
+ * Decode a binary HTTP response with a typed codec.
  * Uses decodeSafe (Zod-validated) so schema mismatches surface immediately.
  */
-export function decodeAxios<T>(
+export function decodeHttpResponse<T>(
     codec: { decodeSafe: (data: Uint8Array) => T },
-    /**
-     * Accepts `unknown` because axios types its `responseType: 'arraybuffer'`
-     * responses as `any`. At runtime this is always an `ArrayBuffer`.
-     */
+    /** Accepts `unknown` so callers can pass transport response data directly. */
     data: unknown,
 ): T {
     if (data instanceof Uint8Array) {
@@ -210,5 +207,5 @@ export function decodeAxios<T>(
     if (data instanceof ArrayBuffer) {
         return codec.decodeSafe(new Uint8Array(data));
     }
-    throw new Error("Expected Uint8Array or ArrayBuffer from axios response");
+    throw new Error("Expected Uint8Array or ArrayBuffer from HTTP response");
 }