npm - agent-relay - Versions diffs - 4.0.30 → 4.0.31 - Mend

agent-relay 4.0.30 → 4.0.31

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (137) hide show

package/README.md +88 -48
package/bin/agent-relay-broker-darwin-arm64 +0 -0
package/bin/agent-relay-broker-darwin-x64 +0 -0
package/bin/agent-relay-broker-linux-arm64 +0 -0
package/bin/agent-relay-broker-linux-x64 +0 -0
package/dist/index.cjs +99 -54
package/dist/src/cli/bootstrap.d.ts +2 -1
package/dist/src/cli/bootstrap.d.ts.map +1 -1
package/dist/src/cli/bootstrap.js +223 -17
package/dist/src/cli/bootstrap.js.map +1 -1
package/dist/src/cli/commands/agent-management.d.ts.map +1 -1
package/dist/src/cli/commands/agent-management.js +1 -3
package/dist/src/cli/commands/agent-management.js.map +1 -1
package/dist/src/cli/commands/auth.d.ts.map +1 -1
package/dist/src/cli/commands/auth.js +32 -3
package/dist/src/cli/commands/auth.js.map +1 -1
package/dist/src/cli/commands/cloud.d.ts.map +1 -1
package/dist/src/cli/commands/cloud.js +242 -144
package/dist/src/cli/commands/cloud.js.map +1 -1
package/dist/src/cli/commands/core.d.ts.map +1 -1
package/dist/src/cli/commands/core.js +11 -6
package/dist/src/cli/commands/core.js.map +1 -1
package/dist/src/cli/commands/messaging.d.ts.map +1 -1
package/dist/src/cli/commands/messaging.js +1 -3
package/dist/src/cli/commands/messaging.js.map +1 -1
package/dist/src/cli/commands/monitoring.d.ts.map +1 -1
package/dist/src/cli/commands/monitoring.js +5 -4
package/dist/src/cli/commands/monitoring.js.map +1 -1
package/dist/src/cli/commands/on.d.ts.map +1 -1
package/dist/src/cli/commands/on.js +1 -3
package/dist/src/cli/commands/on.js.map +1 -1
package/dist/src/cli/commands/setup.d.ts.map +1 -1
package/dist/src/cli/commands/setup.js +62 -7
package/dist/src/cli/commands/setup.js.map +1 -1
package/dist/src/cli/commands/swarm.d.ts.map +1 -1
package/dist/src/cli/commands/swarm.js +34 -4
package/dist/src/cli/commands/swarm.js.map +1 -1
package/dist/src/cli/index.js +9 -1
package/dist/src/cli/index.js.map +1 -1
package/dist/src/cli/lib/exit.d.ts +49 -0
package/dist/src/cli/lib/exit.d.ts.map +1 -0
package/dist/src/cli/lib/exit.js +73 -0
package/dist/src/cli/lib/exit.js.map +1 -0
package/dist/src/cli/lib/telemetry-helpers.d.ts +20 -0
package/dist/src/cli/lib/telemetry-helpers.d.ts.map +1 -0
package/dist/src/cli/lib/telemetry-helpers.js +31 -0
package/dist/src/cli/lib/telemetry-helpers.js.map +1 -0
package/node_modules/@agent-relay/cloud/package.json +2 -2
package/node_modules/@agent-relay/config/package.json +1 -1
package/node_modules/@agent-relay/hooks/package.json +4 -4
package/node_modules/@agent-relay/sdk/dist/workflows/file-db.d.ts +62 -12
package/node_modules/@agent-relay/sdk/dist/workflows/file-db.d.ts.map +1 -1
package/node_modules/@agent-relay/sdk/dist/workflows/file-db.js +137 -47
package/node_modules/@agent-relay/sdk/dist/workflows/file-db.js.map +1 -1
package/node_modules/@agent-relay/sdk/package.json +2 -2
package/node_modules/@agent-relay/telemetry/dist/client.d.ts +14 -2
package/node_modules/@agent-relay/telemetry/dist/client.d.ts.map +1 -1
package/node_modules/@agent-relay/telemetry/dist/client.js +22 -4
package/node_modules/@agent-relay/telemetry/dist/client.js.map +1 -1
package/node_modules/@agent-relay/telemetry/dist/events.d.ts +217 -10
package/node_modules/@agent-relay/telemetry/dist/events.d.ts.map +1 -1
package/node_modules/@agent-relay/telemetry/dist/events.js +11 -0
package/node_modules/@agent-relay/telemetry/dist/events.js.map +1 -1
package/node_modules/@agent-relay/telemetry/dist/index.d.ts +2 -2
package/node_modules/@agent-relay/telemetry/dist/index.d.ts.map +1 -1
package/node_modules/@agent-relay/telemetry/dist/index.js.map +1 -1
package/node_modules/@agent-relay/telemetry/package.json +2 -2
package/node_modules/@agent-relay/trajectory/package.json +2 -2
package/node_modules/@agent-relay/user-directory/package.json +2 -2
package/node_modules/@agent-relay/utils/package.json +2 -2
package/node_modules/@relaycast/sdk/dist/version.d.ts +1 -1
package/node_modules/@relaycast/sdk/dist/version.js +1 -1
package/node_modules/@relaycast/sdk/node_modules/@relaycast/types/package.json +1 -1
package/node_modules/@relaycast/sdk/package.json +2 -2
package/node_modules/axios/CHANGELOG.md +166 -0
package/node_modules/axios/README.md +210 -204
package/node_modules/axios/dist/axios.js +92 -63
package/node_modules/axios/dist/axios.js.map +1 -1
package/node_modules/axios/dist/axios.min.js +2 -2
package/node_modules/axios/dist/axios.min.js.map +1 -1
package/node_modules/axios/dist/browser/axios.cjs +140 -101
package/node_modules/axios/dist/browser/axios.cjs.map +1 -1
package/node_modules/axios/dist/esm/axios.js +140 -101
package/node_modules/axios/dist/esm/axios.js.map +1 -1
package/node_modules/axios/dist/esm/axios.min.js +2 -2
package/node_modules/axios/dist/esm/axios.min.js.map +1 -1
package/node_modules/axios/dist/node/axios.cjs +199 -75
package/node_modules/axios/dist/node/axios.cjs.map +1 -1
package/node_modules/axios/index.d.cts +14 -28
package/node_modules/axios/index.d.ts +132 -226
package/node_modules/axios/lib/adapters/fetch.js +21 -6
package/node_modules/axios/lib/adapters/http.js +88 -6
package/node_modules/axios/lib/core/AxiosError.js +34 -33
package/node_modules/axios/lib/core/AxiosHeaders.js +24 -25
package/node_modules/axios/lib/core/buildFullPath.js +1 -1
package/node_modules/axios/lib/core/mergeConfig.js +5 -3
package/node_modules/axios/lib/defaults/index.js +13 -8
package/node_modules/axios/lib/env/data.js +1 -1
package/node_modules/axios/lib/helpers/AxiosURLSearchParams.js +1 -2
package/node_modules/axios/lib/helpers/formDataToJSON.js +3 -1
package/node_modules/axios/lib/helpers/formDataToStream.js +2 -1
package/node_modules/axios/lib/helpers/progressEventReducer.js +5 -5
package/node_modules/axios/lib/helpers/resolveConfig.js +11 -3
package/node_modules/axios/lib/helpers/shouldBypassProxy.js +48 -1
package/node_modules/axios/lib/helpers/toFormData.js +10 -2
package/node_modules/axios/lib/utils.js +10 -10
package/node_modules/axios/package.json +4 -4
package/package.json +9 -9
package/packages/cloud/package.json +2 -2
package/packages/config/package.json +1 -1
package/packages/hooks/package.json +4 -4
package/packages/sdk/dist/workflows/file-db.d.ts +62 -12
package/packages/sdk/dist/workflows/file-db.d.ts.map +1 -1
package/packages/sdk/dist/workflows/file-db.js +137 -47
package/packages/sdk/dist/workflows/file-db.js.map +1 -1
package/packages/sdk/package.json +2 -2
package/packages/telemetry/dist/client.d.ts +14 -2
package/packages/telemetry/dist/client.d.ts.map +1 -1
package/packages/telemetry/dist/client.js +22 -4
package/packages/telemetry/dist/client.js.map +1 -1
package/packages/telemetry/dist/events.d.ts +217 -10
package/packages/telemetry/dist/events.d.ts.map +1 -1
package/packages/telemetry/dist/events.js +11 -0
package/packages/telemetry/dist/events.js.map +1 -1
package/packages/telemetry/dist/index.d.ts +2 -2
package/packages/telemetry/dist/index.d.ts.map +1 -1
package/packages/telemetry/dist/index.js.map +1 -1
package/packages/telemetry/package.json +2 -2
package/packages/trajectory/package.json +2 -2
package/packages/user-directory/package.json +2 -2
package/packages/utils/package.json +2 -2
package/node_modules/@clack/prompts/node_modules/is-unicode-supported/index.d.ts +0 -12
package/node_modules/@clack/prompts/node_modules/is-unicode-supported/index.js +0 -17
package/node_modules/@clack/prompts/node_modules/is-unicode-supported/license +0 -9
package/node_modules/@clack/prompts/node_modules/is-unicode-supported/package.json +0 -43
package/node_modules/@clack/prompts/node_modules/is-unicode-supported/readme.md +0 -35
package/node_modules/color-convert/CHANGELOG.md +0 -54

package/node_modules/axios/dist/axios.js CHANGED Viewed

@@ -1,4 +1,4 @@
-/*! Axios v1.15.0 Copyright (c) 2026 Matt Zabriskie and contributors */
+/*! Axios v1.15.1 Copyright (c) 2026 Matt Zabriskie and contributors */
 (function (global, factory) {
   typeof exports === 'object' && typeof module !== 'undefined' ? module.exports = factory() :
   typeof define === 'function' && define.amd ? define(factory) :
@@ -812,10 +812,16 @@
   var G = getGlobal();
   var FormDataCtor = typeof G.FormData !== 'undefined' ? G.FormData : undefined;
   var isFormData = function isFormData(thing) {
-    var kind;
-    return thing && (FormDataCtor && thing instanceof FormDataCtor || isFunction$1(thing.append) && ((kind = kindOf(thing)) === 'formdata' ||
+    if (!thing) return false;
+    if (FormDataCtor && thing instanceof FormDataCtor) return true;
+    // Reject plain objects inheriting directly from Object.prototype so prototype-pollution gadgets can't spoof FormData (GHSA-6chq-wfr3-2hj9).
+    var proto = getPrototypeOf(thing);
+    if (!proto || proto === Object.prototype) return false;
+    if (!isFunction$1(thing.append)) return false;
+    var kind = kindOf(thing);
+    return kind === 'formdata' ||
     // detect form-data instance
-    kind === 'object' && isFunction$1(thing.toString) && thing.toString() === '[object FormData]'));
+    kind === 'object' && isFunction$1(thing.toString) && thing.toString() === '[object FormData]';
   };
   /**
@@ -1513,6 +1519,7 @@
   AxiosError.ERR_CANCELED = 'ERR_CANCELED';
   AxiosError.ERR_NOT_SUPPORT = 'ERR_NOT_SUPPORT';
   AxiosError.ERR_INVALID_URL = 'ERR_INVALID_URL';
+  AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED = 'ERR_FORM_DATA_DEPTH_EXCEEDED';
   // eslint-disable-next-line strict
   var httpAdapter = null;
@@ -1617,6 +1624,7 @@
     var dots = options.dots;
     var indexes = options.indexes;
     var _Blob = options.Blob || typeof Blob !== 'undefined' && Blob;
+    var maxDepth = options.maxDepth === undefined ? 100 : options.maxDepth;
     var useBlob = _Blob && utils$1.isSpecCompliantForm(formData);
     if (!utils$1.isFunction(visitor)) {
       throw new TypeError('visitor must be a function');
@@ -1684,7 +1692,11 @@
       isVisitable: isVisitable
     });
     function build(value, path) {
+      var depth = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : 0;
       if (utils$1.isUndefined(value)) return;
+      if (depth > maxDepth) {
+        throw new AxiosError('Object is too deeply nested (' + depth + ' levels). Max depth: ' + maxDepth, AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED);
+      }
       if (stack.indexOf(value) !== -1) {
         throw Error('Circular reference detected in ' + path.join('.'));
       }
@@ -1692,7 +1704,7 @@
       utils$1.forEach(value, function each(el, key) {
         var result = !(utils$1.isUndefined(el) || el === null) && visitor.call(formData, el, utils$1.isString(key) ? key.trim() : key, path, exposedHelpers);
         if (result === true) {
-          build(el, path ? path.concat(key) : [key]);
+          build(el, path ? path.concat(key) : [key], depth + 1);
         }
       });
       stack.pop();
@@ -1719,10 +1731,9 @@
       '(': '%28',
       ')': '%29',
       '~': '%7E',
-      '%20': '+',
-      '%00': '\x00'
+      '%20': '+'
     };
-    return encodeURIComponent(str).replace(/[!'()~]|%20|%00/g, function replacer(match) {
+    return encodeURIComponent(str).replace(/[!'()~]|%20/g, function replacer(match) {
       return charMap[match];
     });
   }
@@ -2012,7 +2023,7 @@
       name = !name && utils$1.isArray(target) ? target.length : name;
       if (isLast) {
         if (utils$1.hasOwnProp(target, name)) {
-          target[name] = [target[name], value];
+          target[name] = utils$1.isArray(target[name]) ? target[name].concat(value) : [target[name], value];
         } else {
           target[name] = value;
         }
@@ -2037,6 +2048,10 @@
     return null;
   }
+  var own = function own(obj, key) {
+    return obj != null && utils$1.hasOwnProp(obj, key) ? obj[key] : undefined;
+  };
   /**
    * It takes a string, tries to parse it, and if it fails, it returns the stringified version
    * of the input
@@ -2086,14 +2101,16 @@
       }
       var isFileList;
       if (isObjectPayload) {
+        var formSerializer = own(this, 'formSerializer');
         if (contentType.indexOf('application/x-www-form-urlencoded') > -1) {
-          return toURLEncodedForm(data, this.formSerializer).toString();
+          return toURLEncodedForm(data, formSerializer).toString();
         }
         if ((isFileList = utils$1.isFileList(data)) || contentType.indexOf('multipart/form-data') > -1) {
-          var _FormData = this.env && this.env.FormData;
+          var env = own(this, 'env');
+          var _FormData = env && env.FormData;
           return toFormData(isFileList ? {
             'files[]': data
-          } : data, _FormData && new _FormData(), this.formSerializer);
+          } : data, _FormData && new _FormData(), formSerializer);
         }
       }
       if (isObjectPayload || hasJSONContentType) {
@@ -2103,21 +2120,22 @@
       return data;
     }],
     transformResponse: [function transformResponse(data) {
-      var transitional = this.transitional || defaults.transitional;
+      var transitional = own(this, 'transitional') || defaults.transitional;
       var forcedJSONParsing = transitional && transitional.forcedJSONParsing;
-      var JSONRequested = this.responseType === 'json';
+      var responseType = own(this, 'responseType');
+      var JSONRequested = responseType === 'json';
       if (utils$1.isResponse(data) || utils$1.isReadableStream(data)) {
         return data;
       }
-      if (data && utils$1.isString(data) && (forcedJSONParsing && !this.responseType || JSONRequested)) {
+      if (data && utils$1.isString(data) && (forcedJSONParsing && !responseType || JSONRequested)) {
         var silentJSONParsing = transitional && transitional.silentJSONParsing;
         var strictJSONParsing = !silentJSONParsing && JSONRequested;
         try {
-          return JSON.parse(data, this.parseReviver);
+          return JSON.parse(data, own(this, 'parseReviver'));
         } catch (e) {
           if (strictJSONParsing) {
             if (e.name === 'SyntaxError') {
-              throw AxiosError.from(e, AxiosError.ERR_BAD_RESPONSE, this, null, this.response);
+              throw AxiosError.from(e, AxiosError.ERR_BAD_RESPONSE, this, null, own(this, 'response'));
             }
             throw e;
           }
@@ -2196,42 +2214,37 @@
   });
   var $internals = Symbol('internals');
-  var isValidHeaderValue = function isValidHeaderValue(value) {
-    return !/[\r\n]/.test(value);
-  };
-  function assertValidHeaderValue(value, header) {
-    if (value === false || value == null) {
-      return;
-    }
-    if (utils$1.isArray(value)) {
-      value.forEach(function (v) {
-        return assertValidHeaderValue(v, header);
-      });
-      return;
+  var INVALID_HEADER_VALUE_CHARS_RE = /[^\x09\x20-\x7E\x80-\xFF]/g;
+  function trimSPorHTAB(str) {
+    var start = 0;
+    var end = str.length;
+    while (start < end) {
+      var code = str.charCodeAt(start);
+      if (code !== 0x09 && code !== 0x20) {
+        break;
+      }
+      start += 1;
     }
-    if (!isValidHeaderValue(String(value))) {
-      throw new Error("Invalid character in header content [\"".concat(header, "\"]"));
+    while (end > start) {
+      var _code = str.charCodeAt(end - 1);
+      if (_code !== 0x09 && _code !== 0x20) {
+        break;
+      }
+      end -= 1;
     }
+    return start === 0 && end === str.length ? str : str.slice(start, end);
   }
   function normalizeHeader(header) {
     return header && String(header).trim().toLowerCase();
   }
-  function stripTrailingCRLF(str) {
-    var end = str.length;
-    while (end > 0) {
-      var charCode = str.charCodeAt(end - 1);
-      if (charCode !== 10 && charCode !== 13) {
-        break;
-      }
-      end -= 1;
-    }
-    return end === str.length ? str : str.slice(0, end);
+  function sanitizeHeaderValue(str) {
+    return trimSPorHTAB(str.replace(INVALID_HEADER_VALUE_CHARS_RE, ''));
   }
   function normalizeValue(value) {
     if (value === false || value == null) {
       return value;
     }
-    return utils$1.isArray(value) ? value.map(normalizeValue) : stripTrailingCRLF(String(value));
+    return utils$1.isArray(value) ? value.map(normalizeValue) : sanitizeHeaderValue(String(value));
   }
   function parseTokens(str) {
     var tokens = Object.create(null);
@@ -2292,7 +2305,6 @@
           }
           var key = utils$1.findKey(self, lHeader);
           if (!key || self[key] === undefined || _rewrite === true || _rewrite === undefined && self[key] !== false) {
-            assertValidHeaderValue(_value, _header);
             self[key || _header] = normalizeValue(_value);
           }
         }
@@ -2678,19 +2690,19 @@
     var bytesNotified = 0;
     var _speedometer = speedometer(50, 250);
     return throttle(function (e) {
-      var loaded = e.loaded;
+      var rawLoaded = e.loaded;
       var total = e.lengthComputable ? e.total : undefined;
-      var progressBytes = loaded - bytesNotified;
+      var loaded = total != null ? Math.min(rawLoaded, total) : rawLoaded;
+      var progressBytes = Math.max(0, loaded - bytesNotified);
       var rate = _speedometer(progressBytes);
-      var inRange = loaded <= total;
-      bytesNotified = loaded;
+      bytesNotified = Math.max(bytesNotified, loaded);
       var data = _defineProperty({
         loaded: loaded,
         total: total,
         progress: total ? loaded / total : undefined,
         bytes: progressBytes,
         rate: rate ? rate : undefined,
-        estimated: rate && total && inRange ? (total - loaded) / rate : undefined,
+        estimated: rate && total ? (total - loaded) / rate : undefined,
         event: e,
         lengthComputable: total != null
       }, isDownloadStream ? 'download' : 'upload', true);
@@ -2809,7 +2821,7 @@
    */
   function buildFullPath(baseURL, requestedURL, allowAbsoluteUrls) {
     var isRelativeUrl = !isAbsoluteURL(requestedURL);
-    if (baseURL && (isRelativeUrl || allowAbsoluteUrls == false)) {
+    if (baseURL && (isRelativeUrl || allowAbsoluteUrls === false)) {
       return combineURLs(baseURL, requestedURL);
     }
     return requestedURL;
@@ -2870,9 +2882,9 @@
     // eslint-disable-next-line consistent-return
     function mergeDirectKeys(a, b, prop) {
-      if (prop in config2) {
+      if (utils$1.hasOwnProp(config2, prop)) {
         return getMergedValue(a, b);
-      } else if (prop in config1) {
+      } else if (utils$1.hasOwnProp(config1, prop)) {
         return getMergedValue(undefined, a);
       }
     }
@@ -2912,7 +2924,9 @@
     utils$1.forEach(Object.keys(_objectSpread2(_objectSpread2({}, config1), config2)), function computeConfigValue(prop) {
       if (prop === '__proto__' || prop === 'constructor' || prop === 'prototype') return;
       var merge = utils$1.hasOwnProp(mergeMap, prop) ? mergeMap[prop] : mergeDeepProperties;
-      var configValue = merge(config1[prop], config2[prop], prop);
+      var a = utils$1.hasOwnProp(config1, prop) ? config1[prop] : undefined;
+      var b = utils$1.hasOwnProp(config2, prop) ? config2[prop] : undefined;
+      var configValue = merge(a, b, prop);
       utils$1.isUndefined(configValue) && merge !== mergeDirectKeys || (config[prop] = configValue);
     });
     return config;
@@ -2957,9 +2971,15 @@
     // Specifically not if we're in a web worker, or react-native.
     if (platform.hasStandardBrowserEnv) {
-      withXSRFToken && utils$1.isFunction(withXSRFToken) && (withXSRFToken = withXSRFToken(newConfig));
-      if (withXSRFToken || withXSRFToken !== false && isURLSameOrigin(newConfig.url)) {
-        // Add xsrf header
+      if (utils$1.isFunction(withXSRFToken)) {
+        withXSRFToken = withXSRFToken(newConfig);
+      }
+      // Strict boolean check — prevents proto-pollution gadgets (e.g. Object.prototype.withXSRFToken = 1)
+      // and misconfigurations (e.g. "false") from short-circuiting the same-origin check and leaking
+      // the XSRF token cross-origin. See GHSA-xx6v-rp6x-q39c.
+      var shouldSendXSRF = withXSRFToken === true || withXSRFToken == null && isURLSameOrigin(newConfig.url);
+      if (shouldSendXSRF) {
         var xsrfValue = xsrfHeaderName && xsrfCookieName && cookies.read(xsrfCookieName);
         if (xsrfValue) {
           headers.set(xsrfHeaderName, xsrfValue);
@@ -3449,16 +3469,18 @@
     }()));
     var supportsRequestStream = isRequestSupported && isReadableStreamSupported && test(function () {
       var duplexAccessed = false;
-      var body = new ReadableStream$1();
-      var hasContentType = new Request(platform.origin, {
-        body: body,
+      var request = new Request(platform.origin, {
+        body: new ReadableStream$1(),
         method: 'POST',
         get duplex() {
           duplexAccessed = true;
           return 'half';
         }
-      }).headers.has('Content-Type');
-      body.cancel();
+      });
+      var hasContentType = request.headers.has('Content-Type');
+      if (request.body != null) {
+        request.body.cancel();
+      }
       return duplexAccessed && !hasContentType;
     });
     var supportsResponseStream = isResponseSupported && isReadableStreamSupported && test(function () {
@@ -3554,7 +3576,7 @@
     }();
     return /*#__PURE__*/function () {
       var _ref5 = _asyncToGenerator(/*#__PURE__*/_regenerator().m(function _callee4(config) {
-        var _resolveConfig, url, method, data, signal, cancelToken, timeout, onDownloadProgress, onUploadProgress, responseType, headers, _resolveConfig$withCr, withCredentials, fetchOptions, _fetch, composedSignal, request, unsubscribe, requestContentLength, _request, contentTypeHeader, _progressEventDecorat, _progressEventDecorat2, onProgress, flush, isCredentialsSupported, resolvedOptions, response, isStreamResponse, options, responseContentLength, _ref6, _ref7, _onProgress, _flush, responseData, _t3, _t4, _t5;
+        var _resolveConfig, url, method, data, signal, cancelToken, timeout, onDownloadProgress, onUploadProgress, responseType, headers, _resolveConfig$withCr, withCredentials, fetchOptions, _fetch, composedSignal, request, unsubscribe, requestContentLength, _request, contentTypeHeader, _progressEventDecorat, _progressEventDecorat2, onProgress, flush, isCredentialsSupported, contentType, resolvedOptions, response, isStreamResponse, options, responseContentLength, _ref6, _ref7, _onProgress, _flush, responseData, _t3, _t4, _t5;
         return _regenerator().w(function (_context4) {
           while (1) switch (_context4.p = _context4.n) {
             case 0:
@@ -3601,7 +3623,14 @@
               // Cloudflare Workers throws when credentials are defined
               // see https://github.com/cloudflare/workerd/issues/902
-              isCredentialsSupported = isRequestSupported && 'credentials' in Request.prototype;
+              isCredentialsSupported = isRequestSupported && 'credentials' in Request.prototype; // If data is FormData and Content-Type is multipart/form-data without boundary,
+              // delete it so fetch can set it correctly with the boundary
+              if (utils$1.isFormData(data)) {
+                contentType = headers.getContentType();
+                if (contentType && /^multipart\/form-data/i.test(contentType) && !/boundary=/i.test(contentType)) {
+                  headers["delete"]('content-type');
+                }
+              }
               resolvedOptions = _objectSpread2(_objectSpread2({}, fetchOptions), {}, {
                 signal: composedSignal,
                 method: method.toUpperCase(),
@@ -3860,7 +3889,7 @@
     });
   }
-  var VERSION = "1.15.0";
+  var VERSION = "1.15.1";
   var validators$1 = {};