@wikha/sdk 1.1.13 → 1.1.14

package/README.md

@@ -18,6 +18,12 @@ console.log(WikhaSDK.Environment.sandbox);
 
 
 # Processing a Payment
+
+## Security & Payload Encryption
+By default, when using this SDK in a browser environment, it will send the data in **plaintext** (`{ data: ... }`) if the `crypto` module is not present. However, if you are using Node.js (or if a Polyfill is provided), the SDK will automatically compress and encrypt your payload in RSA using the `encryptedData` field.
+
+The Wikha API accepts both formats but we strongly encourage RSA encryption for production usage.
+
 ## Use the processPayment method to initiate a payment. 
 You'll need to provide a WikhaPayload object with the necessary payment details.
 

package/dist/src/sdk.js

@@ -59,7 +59,9 @@ class WikhaSDK {
         }
         if (isNode) {
             try {
-                return require('node-fetch');
+                // Use eval('require') to evade webpack/esbuild statically evaluating node-fetch for browsers
+                const req = eval('require');
+                return req('node-fetch');
             }
             catch (e) {
                 console.warn("Native fetch not found and 'node-fetch' not installed.");
@@ -95,7 +97,8 @@ class WikhaSDK {
         }
         const dataString = JSON.stringify({ ...data, merchant_id: this.merchantId });
         if (isNode) {
-            const crypto = require('crypto');
+            const req = eval('require');
+            const crypto = req('crypto');
             try {
                 const encrypted = crypto.publicEncrypt({
                     key: this.publicKey,