axios 1.17.0 → 1.18.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -6,4 +6,5 @@ export default {
6
6
  clarifyTimeoutError: false,
7
7
  legacyInterceptorReqResOrdering: true,
8
8
  advertiseZstdAcceptEncoding: false,
9
+ validateStatusUndefinedResolves: true,
9
10
  };
package/lib/env/data.js CHANGED
@@ -1 +1 @@
1
- export const VERSION = "1.17.0";
1
+ export const VERSION = "1.18.1";
@@ -46,9 +46,7 @@ prototype.append = function append(name, value) {
46
46
 
47
47
  prototype.toString = function toString(encoder) {
48
48
  const _encode = encoder
49
- ? function (value) {
50
- return encoder.call(this, value, encode);
51
- }
49
+ ? (value) => encoder.call(this, value, encode)
52
50
  : encode;
53
51
 
54
52
  return this._pairs
@@ -32,8 +32,7 @@ export default function buildURL(url, params, options) {
32
32
  if (!params) {
33
33
  return url;
34
34
  }
35
-
36
- const _encode = (options && options.encode) || encode;
35
+ url = url || '';
37
36
 
38
37
  const _options = utils.isFunction(options)
39
38
  ? {
@@ -41,7 +40,11 @@ export default function buildURL(url, params, options) {
41
40
  }
42
41
  : options;
43
42
 
44
- const serializeFn = _options && _options.serialize;
43
+ // Read serializer options pollution-safely: own properties and methods on a
44
+ // class/template prototype are honored, but values injected onto a polluted
45
+ // Object.prototype are ignored.
46
+ const _encode = utils.getSafeProp(_options, 'encode') || encode;
47
+ const serializeFn = utils.getSafeProp(_options, 'serialize');
45
48
 
46
49
  let serializedParams;
47
50
 
@@ -45,7 +45,7 @@ const composeSignals = (signals, timeout) => {
45
45
  signals = null;
46
46
  };
47
47
 
48
- signals.forEach((signal) => signal.addEventListener('abort', onabort));
48
+ signals.forEach((signal) => signal.addEventListener('abort', onabort, { once: true }));
49
49
 
50
50
  const { signal } = controller;
51
51
 
@@ -40,7 +40,11 @@ export default platform.hasStandardBrowserEnv
40
40
  const cookie = cookies[i].replace(/^\s+/, '');
41
41
  const eq = cookie.indexOf('=');
42
42
  if (eq !== -1 && cookie.slice(0, eq) === name) {
43
- return decodeURIComponent(cookie.slice(eq + 1));
43
+ try {
44
+ return decodeURIComponent(cookie.slice(eq + 1));
45
+ } catch (e) {
46
+ return cookie.slice(eq + 1);
47
+ }
44
48
  }
45
49
  }
46
50
  return null;
@@ -2,11 +2,19 @@
2
2
  * Estimate decoded byte length of a data:// URL *without* allocating large buffers.
3
3
  * - For base64: compute exact decoded size using length and padding;
4
4
  * handle %XX at the character-count level (no string allocation).
5
- * - For non-base64: use UTF-8 byteLength of the encoded body as a safe upper bound.
5
+ * - For non-base64: compute the exact percent-decoded UTF-8 byte length.
6
6
  *
7
7
  * @param {string} url
8
8
  * @returns {number}
9
9
  */
10
+ const isHexDigit = (charCode) =>
11
+ (charCode >= 48 && charCode <= 57) ||
12
+ (charCode >= 65 && charCode <= 70) ||
13
+ (charCode >= 97 && charCode <= 102);
14
+
15
+ const isPercentEncodedByte = (str, i, len) =>
16
+ i + 2 < len && isHexDigit(str.charCodeAt(i + 1)) && isHexDigit(str.charCodeAt(i + 2));
17
+
10
18
  export default function estimateDataURLDecodedBytes(url) {
11
19
  if (!url || typeof url !== 'string') return 0;
12
20
  if (!url.startsWith('data:')) return 0;
@@ -26,9 +34,7 @@ export default function estimateDataURLDecodedBytes(url) {
26
34
  if (body.charCodeAt(i) === 37 /* '%' */ && i + 2 < len) {
27
35
  const a = body.charCodeAt(i + 1);
28
36
  const b = body.charCodeAt(i + 2);
29
- const isHex =
30
- ((a >= 48 && a <= 57) || (a >= 65 && a <= 70) || (a >= 97 && a <= 102)) &&
31
- ((b >= 48 && b <= 57) || (b >= 65 && b <= 70) || (b >= 97 && b <= 102));
37
+ const isHex = isHexDigit(a) && isHexDigit(b);
32
38
 
33
39
  if (isHex) {
34
40
  effectiveLen -= 2;
@@ -69,18 +75,17 @@ export default function estimateDataURLDecodedBytes(url) {
69
75
  return bytes > 0 ? bytes : 0;
70
76
  }
71
77
 
72
- if (typeof Buffer !== 'undefined' && typeof Buffer.byteLength === 'function') {
73
- return Buffer.byteLength(body, 'utf8');
74
- }
75
-
76
78
  // Compute UTF-8 byte length directly from UTF-16 code units without allocating
77
79
  // a byte buffer (TextEncoder.encode would defeat the DoS guard on large bodies).
78
- // Using body.length here would undercount non-ASCII (e.g. '€' is 1 code unit
79
- // but 3 UTF-8 bytes).
80
+ // Valid %XX triplets count as one decoded byte; this matches the bytes that
81
+ // decodeURIComponent(body) would produce before Buffer re-encodes the string.
80
82
  let bytes = 0;
81
83
  for (let i = 0, len = body.length; i < len; i++) {
82
84
  const c = body.charCodeAt(i);
83
- if (c < 0x80) {
85
+ if (c === 37 /* '%' */ && isPercentEncodedByte(body, i, len)) {
86
+ bytes += 1;
87
+ i += 2;
88
+ } else if (c < 0x80) {
84
89
  bytes += 1;
85
90
  } else if (c < 0x800) {
86
91
  bytes += 2;
@@ -1,6 +1,19 @@
1
1
  'use strict';
2
2
 
3
3
  import utils from '../utils.js';
4
+ import AxiosError from '../core/AxiosError.js';
5
+ import { DEFAULT_FORM_DATA_MAX_DEPTH } from './toFormData.js';
6
+
7
+ const MAX_DEPTH = DEFAULT_FORM_DATA_MAX_DEPTH;
8
+
9
+ function throwIfDepthExceeded(index) {
10
+ if (index > MAX_DEPTH) {
11
+ throw new AxiosError(
12
+ 'FormData field is too deeply nested (' + index + ' levels). Max depth: ' + MAX_DEPTH,
13
+ AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED
14
+ );
15
+ }
16
+ }
4
17
 
5
18
  /**
6
19
  * It takes a string like `foo[x][y][z]` and returns an array like `['foo', 'x', 'y', 'z']
@@ -14,9 +27,16 @@ function parsePropPath(name) {
14
27
  // foo.x.y.z
15
28
  // foo-x-y-z
16
29
  // foo x y z
17
- return utils.matchAll(/\w+|\[(\w*)]/g, name).map((match) => {
18
- return match[0] === '[]' ? '' : match[1] || match[0];
19
- });
30
+ const path = [];
31
+ const pattern = /\w+|\[(\w*)]/g;
32
+ let match;
33
+
34
+ while ((match = pattern.exec(name)) !== null) {
35
+ throwIfDepthExceeded(path.length);
36
+ path.push(match[0] === '[]' ? '' : match[1] || match[0]);
37
+ }
38
+
39
+ return path;
20
40
  }
21
41
 
22
42
  /**
@@ -48,6 +68,8 @@ function arrayToObject(arr) {
48
68
  */
49
69
  function formDataToJSON(formData) {
50
70
  function buildPath(path, value, target, index) {
71
+ throwIfDepthExceeded(index);
72
+
51
73
  let name = path[index++];
52
74
 
53
75
  if (name === '__proto__') return true;
@@ -42,14 +42,16 @@ export default function fromDataURI(uri, asBlob, options) {
42
42
 
43
43
  // RFC 2397 section 3: default mediatype is text/plain;charset=US-ASCII
44
44
  // Bare `data:,` leaves mime undefined; Blob normalises that to "" per spec.
45
- let mime;
45
+ let mime = '';
46
46
  if (type) {
47
47
  mime = params ? type + params : type;
48
48
  } else if (params) {
49
49
  mime = 'text/plain' + params;
50
50
  }
51
51
 
52
- const buffer = Buffer.from(decodeURIComponent(body), encoding);
52
+ const buffer = encoding === 'base64'
53
+ ? Buffer.from(body, 'base64')
54
+ : Buffer.from(decodeURIComponent(body), encoding);
53
55
 
54
56
  if (asBlob) {
55
57
  if (!_Blob) {
@@ -1,5 +1,6 @@
1
1
  import platform from '../platform/index.js';
2
2
  import utils from '../utils.js';
3
+ import AxiosError from '../core/AxiosError.js';
3
4
  import isURLSameOrigin from './isURLSameOrigin.js';
4
5
  import cookies from './cookies.js';
5
6
  import buildFullPath from '../core/buildFullPath.js';
@@ -15,7 +16,7 @@ function setFormDataHeaders(headers, formHeaders, policy) {
15
16
  return;
16
17
  }
17
18
 
18
- Object.entries(formHeaders).forEach(([key, val]) => {
19
+ Object.entries(formHeaders || {}).forEach(([key, val]) => {
19
20
  if (FORM_DATA_CONTENT_HEADERS.includes(key.toLowerCase())) {
20
21
  headers.set(key, val);
21
22
  }
@@ -55,18 +56,24 @@ function resolveConfig(config) {
55
56
  newConfig.headers = headers = AxiosHeaders.from(headers);
56
57
 
57
58
  newConfig.url = buildURL(
58
- buildFullPath(baseURL, url, allowAbsoluteUrls),
59
+ buildFullPath(baseURL, url, allowAbsoluteUrls, newConfig),
59
60
  own('params'),
60
61
  own('paramsSerializer')
61
62
  );
62
63
 
63
64
  // HTTP basic authentication
64
65
  if (auth) {
65
- headers.set(
66
- 'Authorization',
67
- 'Basic ' +
68
- btoa((auth.username || '') + ':' + (auth.password ? encodeUTF8(auth.password) : ''))
69
- );
66
+ const username = utils.getSafeProp(auth, 'username') || '';
67
+ const password = utils.getSafeProp(auth, 'password') || '';
68
+
69
+ try {
70
+ headers.set(
71
+ 'Authorization',
72
+ 'Basic ' + btoa(username + ':' + (password ? encodeUTF8(password) : ''))
73
+ );
74
+ } catch (e) {
75
+ throw AxiosError.from(e, AxiosError.ERR_BAD_OPTION_VALUE, config);
76
+ }
70
77
  }
71
78
 
72
79
  if (utils.isFormData(data)) {
@@ -1,4 +1,4 @@
1
- const LOOPBACK_HOSTNAMES = new Set(['localhost']);
1
+ const LOOPBACK_HOSTNAMES = new Set(['localhost', '0.0.0.0']);
2
2
 
3
3
  const isIPv4Loopback = (host) => {
4
4
  const parts = host.split('.');
@@ -7,6 +7,37 @@ const isIPv4Loopback = (host) => {
7
7
  return parts.every((p) => /^\d+$/.test(p) && Number(p) >= 0 && Number(p) <= 255);
8
8
  };
9
9
 
10
+ const isIPv6ZeroGroup = (group) => /^0{1,4}$/.test(group);
11
+
12
+ // The unspecified address (IPv4 0.0.0.0 / IPv6 ::) resolves to the local host
13
+ // for outbound connections, so treat it as loopback-equivalent for NO_PROXY
14
+ // matching. 0.0.0.0 is covered by LOOPBACK_HOSTNAMES; this handles compressed
15
+ // and full IPv6 all-zero forms so both families bypass symmetrically.
16
+ const isIPv6Unspecified = (host) => {
17
+ if (host === '::') return true;
18
+
19
+ const compressionIndex = host.indexOf('::');
20
+
21
+ if (compressionIndex !== -1) {
22
+ if (compressionIndex !== host.lastIndexOf('::')) return false;
23
+
24
+ const left = host.slice(0, compressionIndex);
25
+ const right = host.slice(compressionIndex + 2);
26
+ const leftGroups = left ? left.split(':') : [];
27
+ const rightGroups = right ? right.split(':') : [];
28
+ const explicitGroups = leftGroups.length + rightGroups.length;
29
+
30
+ return (
31
+ explicitGroups < 8 &&
32
+ leftGroups.every(isIPv6ZeroGroup) &&
33
+ rightGroups.every(isIPv6ZeroGroup)
34
+ );
35
+ }
36
+
37
+ const groups = host.split(':');
38
+ return groups.length === 8 && groups.every(isIPv6ZeroGroup);
39
+ };
40
+
10
41
  const isIPv6Loopback = (host) => {
11
42
  // Collapse all-zero groups: any form of ::1 / 0:0:...:0:1
12
43
  // First, strip any leading "::" by normalising with Set lookup of common forms,
@@ -42,6 +73,7 @@ const isLoopback = (host) => {
42
73
  if (!host) return false;
43
74
  if (LOOPBACK_HOSTNAMES.has(host)) return true;
44
75
  if (isIPv4Loopback(host)) return true;
76
+ if (isIPv6Unspecified(host)) return true;
45
77
  return isIPv6Loopback(host);
46
78
  };
47
79
 
@@ -5,6 +5,10 @@ import AxiosError from '../core/AxiosError.js';
5
5
  // temporary hotfix to avoid circular references until AxiosURLSearchParams is refactored
6
6
  import PlatformFormData from '../platform/node/classes/FormData.js';
7
7
 
8
+ // Default nesting limit shared with the inverse transform (formDataToJSON) so
9
+ // the FormData <-> JSON round-trip stays symmetric.
10
+ export const DEFAULT_FORM_DATA_MAX_DEPTH = 100;
11
+
8
12
  /**
9
13
  * Determines if the given thing is a array or js object.
10
14
  *
@@ -115,8 +119,9 @@ function toFormData(obj, formData, options) {
115
119
  const dots = options.dots;
116
120
  const indexes = options.indexes;
117
121
  const _Blob = options.Blob || (typeof Blob !== 'undefined' && Blob);
118
- const maxDepth = options.maxDepth === undefined ? 100 : options.maxDepth;
122
+ const maxDepth = options.maxDepth === undefined ? DEFAULT_FORM_DATA_MAX_DEPTH : options.maxDepth;
119
123
  const useBlob = _Blob && utils.isSpecCompliantForm(formData);
124
+ const stack = [];
120
125
 
121
126
  if (!utils.isFunction(visitor)) {
122
127
  throw new TypeError('visitor must be a function');
@@ -138,12 +143,50 @@ function toFormData(obj, formData, options) {
138
143
  }
139
144
 
140
145
  if (utils.isArrayBuffer(value) || utils.isTypedArray(value)) {
141
- return useBlob && typeof Blob === 'function' ? new Blob([value]) : Buffer.from(value);
146
+ if (useBlob && typeof _Blob === 'function') {
147
+ return new _Blob([value]);
148
+ }
149
+ if (typeof Buffer !== 'undefined') {
150
+ return Buffer.from(value);
151
+ }
152
+ throw new AxiosError('Blob is not supported. Use a Buffer instead.', AxiosError.ERR_NOT_SUPPORT);
142
153
  }
143
154
 
144
155
  return value;
145
156
  }
146
157
 
158
+ function throwIfMaxDepthExceeded(depth) {
159
+ if (depth > maxDepth) {
160
+ throw new AxiosError(
161
+ 'Object is too deeply nested (' + depth + ' levels). Max depth: ' + maxDepth,
162
+ AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED
163
+ );
164
+ }
165
+ }
166
+
167
+ function stringifyWithDepthLimit(value, depth) {
168
+ if (maxDepth === Infinity) {
169
+ return JSON.stringify(value);
170
+ }
171
+
172
+ const ancestors = [];
173
+
174
+ return JSON.stringify(value, function limitDepth(_key, currentValue) {
175
+ if (!utils.isObject(currentValue)) {
176
+ return currentValue;
177
+ }
178
+
179
+ while (ancestors.length && ancestors[ancestors.length - 1] !== this) {
180
+ ancestors.pop();
181
+ }
182
+
183
+ ancestors.push(currentValue);
184
+ throwIfMaxDepthExceeded(depth + ancestors.length - 1);
185
+
186
+ return currentValue;
187
+ });
188
+ }
189
+
147
190
  /**
148
191
  * Default visitor.
149
192
  *
@@ -167,7 +210,7 @@ function toFormData(obj, formData, options) {
167
210
  // eslint-disable-next-line no-param-reassign
168
211
  key = metaTokens ? key : key.slice(0, -2);
169
212
  // eslint-disable-next-line no-param-reassign
170
- value = JSON.stringify(value);
213
+ value = stringifyWithDepthLimit(value, 1);
171
214
  } else if (
172
215
  (utils.isArray(value) && isFlatArray(value)) ||
173
216
  ((utils.isFileList(value) || utils.endsWith(key, '[]')) && (arr = utils.toArray(value)))
@@ -200,8 +243,6 @@ function toFormData(obj, formData, options) {
200
243
  return false;
201
244
  }
202
245
 
203
- const stack = [];
204
-
205
246
  const exposedHelpers = Object.assign(predicates, {
206
247
  defaultVisitor,
207
248
  convertValue,
@@ -211,12 +252,7 @@ function toFormData(obj, formData, options) {
211
252
  function build(value, path, depth = 0) {
212
253
  if (utils.isUndefined(value)) return;
213
254
 
214
- if (depth > maxDepth) {
215
- throw new AxiosError(
216
- 'Object is too deeply nested (' + depth + ' levels). Max depth: ' + maxDepth,
217
- AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED
218
- );
219
- }
255
+ throwIfMaxDepthExceeded(depth);
220
256
 
221
257
  if (stack.indexOf(value) !== -1) {
222
258
  throw new Error('Circular reference detected in ' + path.join('.'));
@@ -79,7 +79,7 @@ validators.spelling = function spelling(correctSpelling) {
79
79
  */
80
80
 
81
81
  function assertOptions(options, schema, allowUnknown) {
82
- if (typeof options !== 'object') {
82
+ if (typeof options !== 'object' || options === null) {
83
83
  throw new AxiosError('options must be an object', AxiosError.ERR_BAD_OPTION_VALUE);
84
84
  }
85
85
  const keys = Object.keys(options);
package/lib/utils.js CHANGED
@@ -8,6 +8,57 @@ const { toString } = Object.prototype;
8
8
  const { getPrototypeOf } = Object;
9
9
  const { iterator, toStringTag } = Symbol;
10
10
 
11
+ /* Creating a function that will check if an object has a property. */
12
+ const hasOwnProperty = (
13
+ ({ hasOwnProperty }) =>
14
+ (obj, prop) =>
15
+ hasOwnProperty.call(obj, prop)
16
+ )(Object.prototype);
17
+
18
+ /**
19
+ * Walk the prototype chain (excluding the shared Object.prototype) looking for
20
+ * an own `prop`. This distinguishes genuine own/inherited members — including
21
+ * class accessors and template prototypes — from members injected via
22
+ * Object.prototype pollution (e.g. `Object.prototype.username = '...'`), which
23
+ * live on Object.prototype itself and are therefore never matched.
24
+ *
25
+ * @param {*} thing The value whose chain to inspect
26
+ * @param {string|symbol} prop The property key to look for
27
+ *
28
+ * @returns {boolean} True when `prop` is owned below Object.prototype
29
+ */
30
+ const hasOwnInPrototypeChain = (thing, prop) => {
31
+ let obj = thing;
32
+ const seen = [];
33
+
34
+ while (obj != null && obj !== Object.prototype) {
35
+ if (seen.indexOf(obj) !== -1) {
36
+ return false;
37
+ }
38
+ seen.push(obj);
39
+
40
+ if (hasOwnProperty(obj, prop)) {
41
+ return true;
42
+ }
43
+ obj = getPrototypeOf(obj);
44
+ }
45
+ return false;
46
+ };
47
+
48
+ /**
49
+ * Read `obj[prop]` only when it is safe from Object.prototype pollution. Own
50
+ * properties and members inherited from a non-Object.prototype source (a class
51
+ * instance or template object) are honored; a value reachable only through a
52
+ * polluted Object.prototype is ignored and `undefined` is returned.
53
+ *
54
+ * @param {*} obj The source object
55
+ * @param {string|symbol} prop The property key to read
56
+ *
57
+ * @returns {*} The resolved value, or undefined when unsafe/absent
58
+ */
59
+ const getSafeProp = (obj, prop) =>
60
+ obj != null && hasOwnInPrototypeChain(obj, prop) ? obj[prop] : undefined;
61
+
11
62
  const kindOf = ((cache) => (thing) => {
12
63
  const str = toString.call(thing);
13
64
  return cache[str] || (cache[str] = str.slice(8, -1).toLowerCase());
@@ -133,7 +184,7 @@ const isBoolean = (thing) => thing === true || thing === false;
133
184
  * @returns {boolean} True if value is a plain Object, otherwise false
134
185
  */
135
186
  const isPlainObject = (val) => {
136
- if (kindOf(val) !== 'object') {
187
+ if (!isObject(val)) {
137
188
  return false;
138
189
  }
139
190
 
@@ -141,9 +192,12 @@ const isPlainObject = (val) => {
141
192
  return (
142
193
  (prototype === null ||
143
194
  prototype === Object.prototype ||
144
- Object.getPrototypeOf(prototype) === null) &&
145
- !(toStringTag in val) &&
146
- !(iterator in val)
195
+ getPrototypeOf(prototype) === null) &&
196
+ // Treat any genuine (non-Object.prototype-polluted) Symbol.toStringTag or
197
+ // Symbol.iterator as evidence the value is a tagged/iterable type rather
198
+ // than a plain object, while ignoring keys injected onto Object.prototype.
199
+ !hasOwnInPrototypeChain(val, toStringTag) &&
200
+ !hasOwnInPrototypeChain(val, iterator)
147
201
  );
148
202
  };
149
203
 
@@ -670,13 +724,6 @@ const toCamelCase = (str) => {
670
724
  });
671
725
  };
672
726
 
673
- /* Creating a function that will check if an object has a property. */
674
- const hasOwnProperty = (
675
- ({ hasOwnProperty }) =>
676
- (obj, prop) =>
677
- hasOwnProperty.call(obj, prop)
678
- )(Object.prototype);
679
-
680
727
  const { propertyIsEnumerable } = Object.prototype;
681
728
 
682
729
  /**
@@ -890,6 +937,20 @@ const asap =
890
937
 
891
938
  const isIterable = (thing) => thing != null && isFunction(thing[iterator]);
892
939
 
940
+ /**
941
+ * Determine if a value is iterable via an iterator that is NOT sourced solely
942
+ * from a polluted Object.prototype. Use this instead of `isIterable` whenever
943
+ * the iterable comes from untrusted input (e.g. user-supplied header sources),
944
+ * so `Object.prototype[Symbol.iterator] = ...` cannot turn an ordinary object
945
+ * into an attacker-controlled entries iterator.
946
+ *
947
+ * @param {*} thing The value to test
948
+ *
949
+ * @returns {boolean} True if value has a non-polluted iterator
950
+ */
951
+ const isSafeIterable = (thing) =>
952
+ thing != null && hasOwnInPrototypeChain(thing, iterator) && isIterable(thing);
953
+
893
954
  export default {
894
955
  isArray,
895
956
  isArrayBuffer,
@@ -934,6 +995,8 @@ export default {
934
995
  isHTMLForm,
935
996
  hasOwnProperty,
936
997
  hasOwnProp: hasOwnProperty, // an alias to avoid ESLint no-prototype-builtins detection
998
+ hasOwnInPrototypeChain,
999
+ getSafeProp,
937
1000
  reduceDescriptors,
938
1001
  freezeMethods,
939
1002
  toObjectSet,
@@ -950,4 +1013,5 @@ export default {
950
1013
  setImmediate: _setImmediate,
951
1014
  asap,
952
1015
  isIterable,
1016
+ isSafeIterable,
953
1017
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "axios",
3
- "version": "1.17.0",
3
+ "version": "1.18.1",
4
4
  "description": "Promise based HTTP client for the browser and node.js",
5
5
  "main": "./dist/node/axios.cjs",
6
6
  "module": "./index.js",
@@ -87,8 +87,8 @@
87
87
  "Martti Laine (https://github.com/codeclown)",
88
88
  "Xianming Zhong (https://github.com/chinesedfan)",
89
89
  "Shaan Majid (https://github.com/shaanmajid)",
90
- "Willian Agostini (https://github.com/WillianAgostini)",
91
90
  "Remco Haszing (https://github.com/remcohaszing)",
91
+ "Willian Agostini (https://github.com/WillianAgostini)",
92
92
  "Rikki Gibson (https://github.com/RikkiGibson)"
93
93
  ],
94
94
  "sideEffects": false,