npm - axios - Versions diffs - 0.27.2 → 1.1.3 - Mend

axios 0.27.2 → 1.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of axios might be problematic. Click here for more details.

Files changed (75) hide show

package/CHANGELOG.md +232 -920
package/LICENSE +4 -16
package/README.md +386 -103
package/SECURITY.md +4 -3
package/UPGRADE_GUIDE.md +1 -166
package/bin/ssl_hotfix.js +22 -0
package/dist/axios.js +2430 -2367
package/dist/axios.js.map +1 -0
package/dist/axios.min.js +2 -3
package/dist/axios.min.js.map +1 -0
package/dist/esm/axios.js +2950 -0
package/dist/esm/axios.js.map +1 -0
package/dist/esm/axios.min.js +2 -0
package/dist/esm/axios.min.js.map +1 -0
package/dist/node/axios.cjs +3764 -0
package/dist/node/axios.cjs.map +1 -0
package/gulpfile.js +88 -0
package/index.d.ts +299 -70
package/index.js +32 -1
package/karma.conf.cjs +250 -0
package/lib/adapters/http.js +378 -211
package/lib/adapters/index.js +33 -0
package/lib/adapters/xhr.js +81 -57
package/lib/axios.js +34 -22
package/lib/cancel/CancelToken.js +91 -89
package/lib/cancel/CanceledError.js +9 -6
package/lib/cancel/isCancel.js +2 -2
package/lib/core/Axios.js +133 -98
package/lib/core/AxiosError.js +22 -8
package/lib/core/AxiosHeaders.js +268 -0
package/lib/core/InterceptorManager.js +62 -45
package/lib/core/buildFullPath.js +5 -4
package/lib/core/dispatchRequest.js +21 -32
package/lib/core/mergeConfig.js +8 -7
package/lib/core/settle.js +6 -4
package/lib/core/transformData.js +15 -9
package/lib/defaults/index.js +77 -38
package/lib/defaults/transitional.js +1 -1
package/lib/env/classes/FormData.js +2 -0
package/lib/env/data.js +1 -3
package/lib/helpers/AxiosTransformStream.js +191 -0
package/lib/helpers/AxiosURLSearchParams.js +58 -0
package/lib/helpers/bind.js +3 -7
package/lib/helpers/buildURL.js +26 -33
package/lib/helpers/combineURLs.js +3 -2
package/lib/helpers/cookies.js +43 -44
package/lib/helpers/deprecatedMethod.js +4 -2
package/lib/helpers/formDataToJSON.js +92 -0
package/lib/helpers/fromDataURI.js +53 -0
package/lib/helpers/isAbsoluteURL.js +3 -2
package/lib/helpers/isAxiosError.js +4 -3
package/lib/helpers/isURLSameOrigin.js +44 -45
package/lib/helpers/null.js +1 -1
package/lib/helpers/parseHeaders.js +24 -22
package/lib/helpers/parseProtocol.js +3 -3
package/lib/helpers/speedometer.js +55 -0
package/lib/helpers/spread.js +3 -2
package/lib/helpers/throttle.js +33 -0
package/lib/helpers/toFormData.js +193 -36
package/lib/helpers/toURLEncodedForm.js +18 -0
package/lib/helpers/validator.js +20 -15
package/lib/platform/browser/classes/FormData.js +3 -0
package/lib/platform/browser/classes/URLSearchParams.js +4 -0
package/lib/platform/browser/index.js +43 -0
package/lib/platform/index.js +3 -0
package/lib/platform/node/classes/FormData.js +3 -0
package/lib/platform/node/classes/URLSearchParams.js +4 -0
package/lib/platform/node/index.js +12 -0
package/lib/utils.js +321 -178
package/package.json +70 -23
package/rollup.config.js +90 -0
package/dist/axios.map +0 -1
package/dist/axios.min.map +0 -1
package/lib/defaults/env/FormData.js +0 -2
package/lib/helpers/normalizeHeaderName.js +0 -12

package/SECURITY.md CHANGED Viewed

@@ -1,5 +1,6 @@
-# Security Policy
+# Reporting a Vulnerability
-## Reporting a Vulnerability
+If you discover a security vulnerability in axios please disclose it via [our huntr page](https://huntr.dev/repos/axios/axios/). Bounty eligibility, CVE assignment, response times and past reports are all there.
-Please report security issues to jasonsaayman@gmail.com
+Thank you for improving the security of axios.

package/UPGRADE_GUIDE.md CHANGED Viewed

@@ -1,168 +1,3 @@
 # Upgrade Guide
-### 0.18.x -> 0.19.0
-#### HTTPS Proxies
-Routing through an https proxy now requires setting the `protocol` attribute of the proxy configuration to `https`
-### 0.15.x -> 0.16.0
-#### `Promise` Type Declarations
-The `Promise` type declarations have been removed from the axios typings in favor of the built-in type declarations. If you use axios in a TypeScript project that targets `ES5`, please make sure to include the `es2015.promise` lib. Please see [this post](https://blog.mariusschulz.com/2016/11/25/typescript-2-0-built-in-type-declarations) for details.
-### 0.13.x -> 0.14.0
-#### TypeScript Definitions
-The axios TypeScript definitions have been updated to match the axios API and use the ES2015 module syntax.
-Please use the following `import` statement to import axios in TypeScript:
-```typescript
-import axios from 'axios';
-axios.get('/foo')
-  .then(response => console.log(response))
-  .catch(error => console.log(error));
-```
-#### `agent` Config Option
-The `agent` config option has been replaced with two new options: `httpAgent` and `httpsAgent`. Please use them instead.
-```js
-{
-  // Define a custom agent for HTTP
-  httpAgent: new http.Agent({ keepAlive: true }),
-  // Define a custom agent for HTTPS
-  httpsAgent: new https.Agent({ keepAlive: true })
-}
-```
-#### `progress` Config Option
-The `progress` config option has been replaced with the `onUploadProgress` and `onDownloadProgress` options.
-```js
-{
-  // Define a handler for upload progress events
-  onUploadProgress: function (progressEvent) {
-    // ...
-  },
-  // Define a handler for download progress events
-  onDownloadProgress: function (progressEvent) {
-    // ...
-  }
-}
-```
-### 0.12.x -> 0.13.0
-The `0.13.0` release contains several changes to custom adapters and error handling.
-#### Error Handling
-Previous to this release an error could either be a server response with bad status code or an actual `Error`. With this release Promise will always reject with an `Error`. In the case that a response was received, the `Error` will also include the response.
-```js
-axios.get('/user/12345')
-  .catch((error) => {
-    console.log(error.message);
-    console.log(error.code); // Not always specified
-    console.log(error.config); // The config that was used to make the request
-    console.log(error.response); // Only available if response was received from the server
-  });
-```
-#### Request Adapters
-This release changes a few things about how request adapters work. Please take note if you are using your own custom adapter.
-1. Response transformer is now called outside of adapter.
-2. Request adapter returns a `Promise`.
-This means that you no longer need to invoke `transformData` on response data. You will also no longer receive `resolve` and `reject` as arguments in your adapter.
-Previous code:
-```js
-function myAdapter(resolve, reject, config) {
-  var response = {
-    data: transformData(
-      responseData,
-      responseHeaders,
-      config.transformResponse
-    ),
-    status: request.status,
-    statusText: request.statusText,
-    headers: responseHeaders
-  };
-  settle(resolve, reject, response);
-}
-```
-New code:
-```js
-function myAdapter(config) {
-  return new Promise(function (resolve, reject) {
-    var response = {
-      data: responseData,
-      status: request.status,
-      statusText: request.statusText,
-      headers: responseHeaders
-    };
-    settle(resolve, reject, response);
-  });
-}
-```
-See the related commits for more details:
-- [Response transformers](https://github.com/axios/axios/commit/10eb23865101f9347570552c04e9d6211376e25e)
-- [Request adapter Promise](https://github.com/axios/axios/commit/157efd5615890301824e3121cc6c9d2f9b21f94a)
-### 0.5.x -> 0.6.0
-The `0.6.0` release contains mostly bug fixes, but there are a couple things to be aware of when upgrading.
-#### ES6 Promise Polyfill
-Up until the `0.6.0` release ES6 `Promise` was being polyfilled using [es6-promise](https://github.com/jakearchibald/es6-promise). With this release, the polyfill has been removed, and you will need to supply it yourself if your environment needs it.
-```js
-require('es6-promise').polyfill();
-var axios = require('axios');
-```
-This will polyfill the global environment, and only needs to be done once.
-#### `axios.success`/`axios.error`
-The `success`, and `error` aliases were deprecated in [0.4.0](https://github.com/axios/axios/blob/master/CHANGELOG.md#040-oct-03-2014). As of this release they have been removed entirely. Instead please use `axios.then`, and `axios.catch` respectively.
-```js
-axios.get('some/url')
-  .then(function (res) {
-    /* ... */
-  })
-  .catch(function (err) {
-    /* ... */
-  });
-```
-#### UMD
-Previous versions of axios shipped with an AMD, CommonJS, and Global build. This has all been rolled into a single UMD build.
-```js
-// AMD
-require(['bower_components/axios/dist/axios'], function (axios) {
-  /* ... */
-});
-// CommonJS
-var axios = require('axios/dist/axios');
-```
+## 0.x.x -> 1.1.0

package/bin/ssl_hotfix.js ADDED Viewed

@@ -0,0 +1,22 @@
+import {spawn} from 'child_process';
+const args = process.argv.slice(2);
+console.log(`Running ${args.join(' ')} on ${process.version}\n`);
+const match = /v(\d+)/.exec(process.version);
+const isHotfixNeeded = match && match[1] > 16;
+isHotfixNeeded && console.warn('Setting --openssl-legacy-provider as ssl hotfix');
+const test = spawn('cross-env',
+  isHotfixNeeded ? ['NODE_OPTIONS=--openssl-legacy-provider', ...args] : args, {
+    shell: true,
+    stdio: 'inherit'
+  }
+);
+test.on('exit', function (code) {
+  process.exit(code)
+})