contentful-management 12.6.0 → 12.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/dist/browser/index.js +2169 -1258
  2. package/dist/browser/index.js.map +1 -1
  3. package/dist/browser/index.min.js +1 -1
  4. package/dist/browser/index.min.js.map +1 -1
  5. package/dist/cjs/index.cjs +62 -19
  6. package/dist/cjs/index.cjs.map +1 -1
  7. package/dist/esm/adapters/REST/endpoints/comment.mjs +10 -2
  8. package/dist/esm/adapters/REST/endpoints/comment.mjs.map +1 -1
  9. package/dist/esm/adapters/REST/endpoints/task.mjs +28 -1
  10. package/dist/esm/adapters/REST/endpoints/task.mjs.map +1 -1
  11. package/dist/esm/common-types.mjs.map +1 -1
  12. package/dist/esm/entities/comment.mjs +10 -6
  13. package/dist/esm/entities/comment.mjs.map +1 -1
  14. package/dist/esm/entities/task.mjs +10 -6
  15. package/dist/esm/entities/task.mjs.map +1 -1
  16. package/dist/types/adapters/REST/endpoints/comment.js +10 -2
  17. package/dist/types/adapters/REST/endpoints/comment.js.map +1 -1
  18. package/dist/types/adapters/REST/endpoints/task.js +28 -1
  19. package/dist/types/adapters/REST/endpoints/task.js.map +1 -1
  20. package/dist/types/common-types.d.ts +9 -4
  21. package/dist/types/common-types.js.map +1 -1
  22. package/dist/types/constants/editor-interface-defaults/controls-defaults.d.ts +1 -1
  23. package/dist/types/entities/comment.d.ts +4 -6
  24. package/dist/types/entities/comment.js +10 -6
  25. package/dist/types/entities/comment.js.map +1 -1
  26. package/dist/types/entities/task.d.ts +5 -3
  27. package/dist/types/entities/task.js +10 -6
  28. package/dist/types/entities/task.js.map +1 -1
  29. package/dist/types/export-types.d.ts +1 -1
  30. package/dist/types/plain/entities/task.d.ts +77 -8
  31. package/package.json +1 -1
@@ -4366,7 +4366,7 @@ var contentfulManagement = (function (exports) {
4366
4366
 
4367
4367
  if (obj === null) {
4368
4368
  if (strictNullHandling) {
4369
- return encoder && !encodeValuesOnly ? encoder(prefix, defaults.encoder, charset, 'key', format) : prefix;
4369
+ return formatter(encoder && !encodeValuesOnly ? encoder(prefix, defaults.encoder, charset, 'key', format) : prefix);
4370
4370
  }
4371
4371
 
4372
4372
  obj = '';
@@ -4390,7 +4390,9 @@ var contentfulManagement = (function (exports) {
4390
4390
  if (generateArrayPrefix === 'comma' && isArray(obj)) {
4391
4391
  // we need to join elements in
4392
4392
  if (encodeValuesOnly && encoder) {
4393
- obj = utils.maybeMap(obj, encoder);
4393
+ obj = utils.maybeMap(obj, function (v) {
4394
+ return v == null ? v : encoder(v);
4395
+ });
4394
4396
  }
4395
4397
  objKeys = [{ value: obj.length > 0 ? obj.join(',') || null : void undefined }];
4396
4398
  } else if (isArray(filter)) {
@@ -4560,6 +4562,11 @@ var contentfulManagement = (function (exports) {
4560
4562
  var sideChannel = getSideChannel();
4561
4563
  for (var i = 0; i < objKeys.length; ++i) {
4562
4564
  var key = objKeys[i];
4565
+
4566
+ if (typeof key === 'undefined' || key === null) {
4567
+ continue;
4568
+ }
4569
+
4563
4570
  var value = obj[key];
4564
4571
 
4565
4572
  if (options.skipNulls && value === null) {
@@ -4593,10 +4600,10 @@ var contentfulManagement = (function (exports) {
4593
4600
  if (options.charsetSentinel) {
4594
4601
  if (options.charset === 'iso-8859-1') {
4595
4602
  // encodeURIComponent('&#10003;'), the "numeric entity" representation of a checkmark
4596
- prefix += 'utf8=%26%2310003%3B&';
4603
+ prefix += 'utf8=%26%2310003%3B' + options.delimiter;
4597
4604
  } else {
4598
4605
  // encodeURIComponent('✓')
4599
- prefix += 'utf8=%E2%9C%93&';
4606
+ prefix += 'utf8=%E2%9C%93' + options.delimiter;
4600
4607
  }
4601
4608
  }
4602
4609
 
@@ -4679,10 +4686,10 @@ var contentfulManagement = (function (exports) {
4679
4686
  var limit = options.parameterLimit === Infinity ? void undefined : options.parameterLimit;
4680
4687
  var parts = cleanStr.split(
4681
4688
  options.delimiter,
4682
- options.throwOnLimitExceeded ? limit + 1 : limit
4689
+ options.throwOnLimitExceeded && typeof limit !== 'undefined' ? limit + 1 : limit
4683
4690
  );
4684
4691
 
4685
- if (options.throwOnLimitExceeded && parts.length > limit) {
4692
+ if (options.throwOnLimitExceeded && typeof limit !== 'undefined' && parts.length > limit) {
4686
4693
  throw new RangeError('Parameter limit exceeded. Only ' + limit + ' parameter' + (limit === 1 ? '' : 's') + ' allowed.');
4687
4694
  }
4688
4695
 
@@ -4826,9 +4833,12 @@ var contentfulManagement = (function (exports) {
4826
4833
  return leaf;
4827
4834
  };
4828
4835
 
4829
- var splitKeyIntoSegments = function splitKeyIntoSegments(givenKey, options) {
4830
- var key = options.allowDots ? givenKey.replace(/\.([^.[]+)/g, '[$1]') : givenKey;
4836
+ // Split a key like "a[b][c[]]" into ['a', '[b]', '[c[]]'] while preserving
4837
+ // qs parse semantics for depth/prototype guards.
4838
+ var splitKeyIntoSegments = function splitKeyIntoSegments(originalKey, options) {
4839
+ var key = options.allowDots ? originalKey.replace(/\.([^.[]+)/g, '[$1]') : originalKey;
4831
4840
 
4841
+ // depth <= 0 keeps the whole key as one segment
4832
4842
  if (options.depth <= 0) {
4833
4843
  if (!options.plainObjects && has.call(Object.prototype, key)) {
4834
4844
  if (!options.allowPrototypes) {
@@ -4839,14 +4849,11 @@ var contentfulManagement = (function (exports) {
4839
4849
  return [key];
4840
4850
  }
4841
4851
 
4842
- var brackets = /(\[[^[\]]*])/;
4843
- var child = /(\[[^[\]]*])/g;
4844
-
4845
- var segment = brackets.exec(key);
4846
- var parent = segment ? key.slice(0, segment.index) : key;
4847
-
4848
- var keys = [];
4852
+ var segments = [];
4849
4853
 
4854
+ // parent before the first '[' (may be empty if key starts with '[')
4855
+ var first = key.indexOf('[');
4856
+ var parent = first >= 0 ? key.slice(0, first) : key;
4850
4857
  if (parent) {
4851
4858
  if (!options.plainObjects && has.call(Object.prototype, parent)) {
4852
4859
  if (!options.allowPrototypes) {
@@ -4854,32 +4861,62 @@ var contentfulManagement = (function (exports) {
4854
4861
  }
4855
4862
  }
4856
4863
 
4857
- keys[keys.length] = parent;
4864
+ segments[segments.length] = parent;
4858
4865
  }
4859
4866
 
4860
- var i = 0;
4861
- while ((segment = child.exec(key)) !== null && i < options.depth) {
4862
- i += 1;
4863
-
4864
- var segmentContent = segment[1].slice(1, -1);
4865
- if (!options.plainObjects && has.call(Object.prototype, segmentContent)) {
4866
- if (!options.allowPrototypes) {
4867
- return;
4867
+ var n = key.length;
4868
+ var open = first;
4869
+ var collected = 0;
4870
+
4871
+ while (open >= 0 && collected < options.depth) {
4872
+ var level = 1;
4873
+ var i = open + 1;
4874
+ var close = -1;
4875
+
4876
+ // balance nested '[' and ']' inside this bracket group using a nesting level counter
4877
+ while (i < n && close < 0) {
4878
+ var cu = key.charCodeAt(i);
4879
+ if (cu === 0x5B) { // '['
4880
+ level += 1;
4881
+ } else if (cu === 0x5D) { // ']'
4882
+ level -= 1;
4883
+ if (level === 0) {
4884
+ close = i; // found matching close; loop will exit by condition
4885
+ }
4868
4886
  }
4887
+ i += 1;
4888
+ }
4889
+
4890
+ if (close < 0) {
4891
+ // Unterminated group: wrap the raw remainder in one bracket pair so it stays
4892
+ // a single literal segment (e.g. "[[]b" -> "[[]b]"); we do not infer missing ']'.
4893
+ segments[segments.length] = '[' + key.slice(open) + ']';
4894
+ return segments;
4895
+ }
4896
+
4897
+ var seg = key.slice(open, close + 1);
4898
+ // prototype guard for the content of this group
4899
+ var content = seg.slice(1, -1);
4900
+ if (!options.plainObjects && has.call(Object.prototype, content) && !options.allowPrototypes) {
4901
+ return;
4869
4902
  }
4870
4903
 
4871
- keys[keys.length] = segment[1];
4904
+ segments[segments.length] = seg;
4905
+ collected += 1;
4906
+
4907
+ // find the next '[' after this balanced group
4908
+ open = key.indexOf('[', close + 1);
4872
4909
  }
4873
4910
 
4874
- if (segment) {
4911
+ if (open >= 0) {
4875
4912
  if (options.strictDepth === true) {
4876
4913
  throw new RangeError('Input depth exceeded depth option of ' + options.depth + ' and strictDepth is true');
4877
4914
  }
4878
4915
 
4879
- keys[keys.length] = '[' + key.slice(segment.index) + ']';
4916
+ segments[segments.length] = '[' + key.slice(open) + ']';
4880
4917
  }
4881
4918
 
4882
- return keys;
4919
+ return segments;
4883
4920
  };
4884
4921
 
4885
4922
  var parseKeys = function parseQueryStringKeys(givenKey, val, options, valuesParsed) {
@@ -5463,7 +5500,7 @@ var contentfulManagement = (function (exports) {
5463
5500
  throw error;
5464
5501
  }
5465
5502
 
5466
- /*! Axios v1.15.0 Copyright (c) 2026 Matt Zabriskie and contributors */
5503
+ /*! Axios v1.18.0 Copyright (c) 2026 Matt Zabriskie and contributors */
5467
5504
 
5468
5505
  var axios_1;
5469
5506
  var hasRequiredAxios;
@@ -5491,6 +5528,57 @@ var contentfulManagement = (function (exports) {
5491
5528
  const { getPrototypeOf } = Object;
5492
5529
  const { iterator, toStringTag } = Symbol;
5493
5530
 
5531
+ /* Creating a function that will check if an object has a property. */
5532
+ const hasOwnProperty = (
5533
+ ({ hasOwnProperty }) =>
5534
+ (obj, prop) =>
5535
+ hasOwnProperty.call(obj, prop)
5536
+ )(Object.prototype);
5537
+
5538
+ /**
5539
+ * Walk the prototype chain (excluding the shared Object.prototype) looking for
5540
+ * an own `prop`. This distinguishes genuine own/inherited members — including
5541
+ * class accessors and template prototypes — from members injected via
5542
+ * Object.prototype pollution (e.g. `Object.prototype.username = '...'`), which
5543
+ * live on Object.prototype itself and are therefore never matched.
5544
+ *
5545
+ * @param {*} thing The value whose chain to inspect
5546
+ * @param {string|symbol} prop The property key to look for
5547
+ *
5548
+ * @returns {boolean} True when `prop` is owned below Object.prototype
5549
+ */
5550
+ const hasOwnInPrototypeChain = (thing, prop) => {
5551
+ let obj = thing;
5552
+ const seen = [];
5553
+
5554
+ while (obj != null && obj !== Object.prototype) {
5555
+ if (seen.indexOf(obj) !== -1) {
5556
+ return false;
5557
+ }
5558
+ seen.push(obj);
5559
+
5560
+ if (hasOwnProperty(obj, prop)) {
5561
+ return true;
5562
+ }
5563
+ obj = getPrototypeOf(obj);
5564
+ }
5565
+ return false;
5566
+ };
5567
+
5568
+ /**
5569
+ * Read `obj[prop]` only when it is safe from Object.prototype pollution. Own
5570
+ * properties and members inherited from a non-Object.prototype source (a class
5571
+ * instance or template object) are honored; a value reachable only through a
5572
+ * polluted Object.prototype is ignored and `undefined` is returned.
5573
+ *
5574
+ * @param {*} obj The source object
5575
+ * @param {string|symbol} prop The property key to read
5576
+ *
5577
+ * @returns {*} The resolved value, or undefined when unsafe/absent
5578
+ */
5579
+ const getSafeProp = (obj, prop) =>
5580
+ obj != null && hasOwnInPrototypeChain(obj, prop) ? obj[prop] : undefined;
5581
+
5494
5582
  const kindOf = ((cache) => (thing) => {
5495
5583
  const str = toString.call(thing);
5496
5584
  return cache[str] || (cache[str] = str.slice(8, -1).toLowerCase());
@@ -5616,7 +5704,7 @@ var contentfulManagement = (function (exports) {
5616
5704
  * @returns {boolean} True if value is a plain Object, otherwise false
5617
5705
  */
5618
5706
  const isPlainObject = (val) => {
5619
- if (kindOf(val) !== 'object') {
5707
+ if (!isObject(val)) {
5620
5708
  return false;
5621
5709
  }
5622
5710
 
@@ -5624,9 +5712,12 @@ var contentfulManagement = (function (exports) {
5624
5712
  return (
5625
5713
  (prototype === null ||
5626
5714
  prototype === Object.prototype ||
5627
- Object.getPrototypeOf(prototype) === null) &&
5628
- !(toStringTag in val) &&
5629
- !(iterator in val)
5715
+ getPrototypeOf(prototype) === null) &&
5716
+ // Treat any genuine (non-Object.prototype-polluted) Symbol.toStringTag or
5717
+ // Symbol.iterator as evidence the value is a tagged/iterable type rather
5718
+ // than a plain object, while ignoring keys injected onto Object.prototype.
5719
+ !hasOwnInPrototypeChain(val, toStringTag) &&
5720
+ !hasOwnInPrototypeChain(val, iterator)
5630
5721
  );
5631
5722
  };
5632
5723
 
@@ -5675,9 +5766,9 @@ var contentfulManagement = (function (exports) {
5675
5766
  * also have a `name` and `type` attribute to specify filename and content type
5676
5767
  *
5677
5768
  * @see https://github.com/facebook/react-native/blob/26684cf3adf4094eb6c405d345a75bf8c7c0bf88/Libraries/Network/FormData.js#L68-L71
5678
- *
5769
+ *
5679
5770
  * @param {*} value The value to test
5680
- *
5771
+ *
5681
5772
  * @returns {boolean} True if value is a React Native Blob, otherwise false
5682
5773
  */
5683
5774
  const isReactNativeBlob = (value) => {
@@ -5687,9 +5778,9 @@ var contentfulManagement = (function (exports) {
5687
5778
  /**
5688
5779
  * Determine if environment is React Native
5689
5780
  * ReactNative `FormData` has a non-standard `getParts()` method
5690
- *
5781
+ *
5691
5782
  * @param {*} formData The formData to test
5692
- *
5783
+ *
5693
5784
  * @returns {boolean} True if environment is React Native, otherwise false
5694
5785
  */
5695
5786
  const isReactNative = (formData) => formData && typeof formData.getParts !== 'undefined';
@@ -5708,7 +5799,7 @@ var contentfulManagement = (function (exports) {
5708
5799
  *
5709
5800
  * @param {*} val The value to test
5710
5801
  *
5711
- * @returns {boolean} True if value is a File, otherwise false
5802
+ * @returns {boolean} True if value is a FileList, otherwise false
5712
5803
  */
5713
5804
  const isFileList = kindOfTest('FileList');
5714
5805
 
@@ -5740,15 +5831,17 @@ var contentfulManagement = (function (exports) {
5740
5831
  const FormDataCtor = typeof G.FormData !== 'undefined' ? G.FormData : undefined;
5741
5832
 
5742
5833
  const isFormData = (thing) => {
5743
- let kind;
5744
- return thing && (
5745
- (FormDataCtor && thing instanceof FormDataCtor) || (
5746
- isFunction$1(thing.append) && (
5747
- (kind = kindOf(thing)) === 'formdata' ||
5748
- // detect form-data instance
5749
- (kind === 'object' && isFunction$1(thing.toString) && thing.toString() === '[object FormData]')
5750
- )
5751
- )
5834
+ if (!thing) return false;
5835
+ if (FormDataCtor && thing instanceof FormDataCtor) return true;
5836
+ // Reject plain objects inheriting directly from Object.prototype so prototype-pollution gadgets can't spoof FormData.
5837
+ const proto = getPrototypeOf(thing);
5838
+ if (!proto || proto === Object.prototype) return false;
5839
+ if (!isFunction$1(thing.append)) return false;
5840
+ const kind = kindOf(thing);
5841
+ return (
5842
+ kind === 'formdata' ||
5843
+ // detect form-data instance
5844
+ (kind === 'object' && isFunction$1(thing.toString) && thing.toString() === '[object FormData]')
5752
5845
  );
5753
5846
  };
5754
5847
 
@@ -5884,7 +5977,7 @@ var contentfulManagement = (function (exports) {
5884
5977
  *
5885
5978
  * @returns {Object} Result of all merge properties
5886
5979
  */
5887
- function merge(/* obj1, obj2, obj3, ... */) {
5980
+ function merge(...objs) {
5888
5981
  const { caseless, skipUndefined } = (isContextDefined(this) && this) || {};
5889
5982
  const result = {};
5890
5983
  const assignValue = (val, key) => {
@@ -5893,9 +5986,15 @@ var contentfulManagement = (function (exports) {
5893
5986
  return;
5894
5987
  }
5895
5988
 
5896
- const targetKey = (caseless && findKey(result, key)) || key;
5897
- if (isPlainObject(result[targetKey]) && isPlainObject(val)) {
5898
- result[targetKey] = merge(result[targetKey], val);
5989
+ // findKey lowercases the key, so caseless lookup only applies to strings —
5990
+ // symbol keys are identity-matched.
5991
+ const targetKey = (caseless && typeof key === 'string' && findKey(result, key)) || key;
5992
+ // Read via own-prop only — a bare `result[targetKey]` walks the prototype
5993
+ // chain, so a polluted Object.prototype value could surface here and get
5994
+ // copied into the merged result.
5995
+ const existing = hasOwnProperty(result, targetKey) ? result[targetKey] : undefined;
5996
+ if (isPlainObject(existing) && isPlainObject(val)) {
5997
+ result[targetKey] = merge(existing, val);
5899
5998
  } else if (isPlainObject(val)) {
5900
5999
  result[targetKey] = merge({}, val);
5901
6000
  } else if (isArray(val)) {
@@ -5905,8 +6004,25 @@ var contentfulManagement = (function (exports) {
5905
6004
  }
5906
6005
  };
5907
6006
 
5908
- for (let i = 0, l = arguments.length; i < l; i++) {
5909
- arguments[i] && forEach(arguments[i], assignValue);
6007
+ for (let i = 0, l = objs.length; i < l; i++) {
6008
+ const source = objs[i];
6009
+ if (!source || isBuffer(source)) {
6010
+ continue;
6011
+ }
6012
+
6013
+ forEach(source, assignValue);
6014
+
6015
+ if (typeof source !== 'object' || isArray(source)) {
6016
+ continue;
6017
+ }
6018
+
6019
+ const symbols = Object.getOwnPropertySymbols(source);
6020
+ for (let j = 0; j < symbols.length; j++) {
6021
+ const symbol = symbols[j];
6022
+ if (propertyIsEnumerable.call(source, symbol)) {
6023
+ assignValue(source[symbol], symbol);
6024
+ }
6025
+ }
5910
6026
  }
5911
6027
  return result;
5912
6028
  }
@@ -5928,6 +6044,9 @@ var contentfulManagement = (function (exports) {
5928
6044
  (val, key) => {
5929
6045
  if (thisArg && isFunction$1(val)) {
5930
6046
  Object.defineProperty(a, key, {
6047
+ // Null-proto descriptor so a polluted Object.prototype.get cannot
6048
+ // hijack defineProperty's accessor-vs-data resolution.
6049
+ __proto__: null,
5931
6050
  value: bind(val, thisArg),
5932
6051
  writable: true,
5933
6052
  enumerable: true,
@@ -5935,6 +6054,7 @@ var contentfulManagement = (function (exports) {
5935
6054
  });
5936
6055
  } else {
5937
6056
  Object.defineProperty(a, key, {
6057
+ __proto__: null,
5938
6058
  value: val,
5939
6059
  writable: true,
5940
6060
  enumerable: true,
@@ -5973,12 +6093,14 @@ var contentfulManagement = (function (exports) {
5973
6093
  const inherits = (constructor, superConstructor, props, descriptors) => {
5974
6094
  constructor.prototype = Object.create(superConstructor.prototype, descriptors);
5975
6095
  Object.defineProperty(constructor.prototype, 'constructor', {
6096
+ __proto__: null,
5976
6097
  value: constructor,
5977
6098
  writable: true,
5978
6099
  enumerable: false,
5979
6100
  configurable: true,
5980
6101
  });
5981
6102
  Object.defineProperty(constructor, 'super', {
6103
+ __proto__: null,
5982
6104
  value: superConstructor.prototype,
5983
6105
  });
5984
6106
  props && Object.assign(constructor.prototype, props);
@@ -6122,12 +6244,7 @@ var contentfulManagement = (function (exports) {
6122
6244
  });
6123
6245
  };
6124
6246
 
6125
- /* Creating a function that will check if an object has a property. */
6126
- const hasOwnProperty = (
6127
- ({ hasOwnProperty }) =>
6128
- (obj, prop) =>
6129
- hasOwnProperty.call(obj, prop)
6130
- )(Object.prototype);
6247
+ const { propertyIsEnumerable } = Object.prototype;
6131
6248
 
6132
6249
  /**
6133
6250
  * Determine if a value is a RegExp object
@@ -6160,7 +6277,7 @@ var contentfulManagement = (function (exports) {
6160
6277
  const freezeMethods = (obj) => {
6161
6278
  reduceDescriptors(obj, (descriptor, name) => {
6162
6279
  // skip restricted props in strict mode
6163
- if (isFunction$1(obj) && ['arguments', 'caller', 'callee'].indexOf(name) !== -1) {
6280
+ if (isFunction$1(obj) && ['arguments', 'caller', 'callee'].includes(name)) {
6164
6281
  return false;
6165
6282
  }
6166
6283
 
@@ -6234,11 +6351,11 @@ var contentfulManagement = (function (exports) {
6234
6351
  * @returns {Object} The JSON-compatible object.
6235
6352
  */
6236
6353
  const toJSONObject = (obj) => {
6237
- const stack = new Array(10);
6354
+ const visited = new WeakSet();
6238
6355
 
6239
- const visit = (source, i) => {
6356
+ const visit = (source) => {
6240
6357
  if (isObject(source)) {
6241
- if (stack.indexOf(source) >= 0) {
6358
+ if (visited.has(source)) {
6242
6359
  return;
6243
6360
  }
6244
6361
 
@@ -6248,15 +6365,16 @@ var contentfulManagement = (function (exports) {
6248
6365
  }
6249
6366
 
6250
6367
  if (!('toJSON' in source)) {
6251
- stack[i] = source;
6368
+ // add-on descent / delete-on-ascent: preserves path semantics, so DAG nodes serialise at every occurrence (see #7230).
6369
+ visited.add(source);
6252
6370
  const target = isArray(source) ? [] : {};
6253
6371
 
6254
6372
  forEach(source, (value, key) => {
6255
- const reducedValue = visit(value, i + 1);
6373
+ const reducedValue = visit(value);
6256
6374
  !isUndefined(reducedValue) && (target[key] = reducedValue);
6257
6375
  });
6258
6376
 
6259
- stack[i] = undefined;
6377
+ visited.delete(source);
6260
6378
 
6261
6379
  return target;
6262
6380
  }
@@ -6265,7 +6383,7 @@ var contentfulManagement = (function (exports) {
6265
6383
  return source;
6266
6384
  };
6267
6385
 
6268
- return visit(obj, 0);
6386
+ return visit(obj);
6269
6387
  };
6270
6388
 
6271
6389
  /**
@@ -6339,6 +6457,20 @@ var contentfulManagement = (function (exports) {
6339
6457
 
6340
6458
  const isIterable = (thing) => thing != null && isFunction$1(thing[iterator]);
6341
6459
 
6460
+ /**
6461
+ * Determine if a value is iterable via an iterator that is NOT sourced solely
6462
+ * from a polluted Object.prototype. Use this instead of `isIterable` whenever
6463
+ * the iterable comes from untrusted input (e.g. user-supplied header sources),
6464
+ * so `Object.prototype[Symbol.iterator] = ...` cannot turn an ordinary object
6465
+ * into an attacker-controlled entries iterator.
6466
+ *
6467
+ * @param {*} thing The value to test
6468
+ *
6469
+ * @returns {boolean} True if value has a non-polluted iterator
6470
+ */
6471
+ const isSafeIterable = (thing) =>
6472
+ thing != null && hasOwnInPrototypeChain(thing, iterator) && isIterable(thing);
6473
+
6342
6474
  var utils$1 = {
6343
6475
  isArray,
6344
6476
  isArrayBuffer,
@@ -6383,6 +6515,8 @@ var contentfulManagement = (function (exports) {
6383
6515
  isHTMLForm,
6384
6516
  hasOwnProperty,
6385
6517
  hasOwnProp: hasOwnProperty, // an alias to avoid ESLint no-prototype-builtins detection
6518
+ hasOwnInPrototypeChain,
6519
+ getSafeProp,
6386
6520
  reduceDescriptors,
6387
6521
  freezeMethods,
6388
6522
  toObjectSet,
@@ -6399,1299 +6533,1482 @@ var contentfulManagement = (function (exports) {
6399
6533
  setImmediate: _setImmediate,
6400
6534
  asap,
6401
6535
  isIterable,
6536
+ isSafeIterable,
6402
6537
  };
6403
6538
 
6404
- class AxiosError extends Error {
6405
- static from(error, code, config, request, response, customProps) {
6406
- const axiosError = new AxiosError(error.message, code || error.code, config, request, response);
6407
- axiosError.cause = error;
6408
- axiosError.name = error.name;
6539
+ // RawAxiosHeaders whose duplicates are ignored by node
6540
+ // c.f. https://nodejs.org/api/http.html#http_message_headers
6541
+ const ignoreDuplicateOf = utils$1.toObjectSet([
6542
+ 'age',
6543
+ 'authorization',
6544
+ 'content-length',
6545
+ 'content-type',
6546
+ 'etag',
6547
+ 'expires',
6548
+ 'from',
6549
+ 'host',
6550
+ 'if-modified-since',
6551
+ 'if-unmodified-since',
6552
+ 'last-modified',
6553
+ 'location',
6554
+ 'max-forwards',
6555
+ 'proxy-authorization',
6556
+ 'referer',
6557
+ 'retry-after',
6558
+ 'user-agent',
6559
+ ]);
6409
6560
 
6410
- // Preserve status from the original error if not already set from response
6411
- if (error.status != null && axiosError.status == null) {
6412
- axiosError.status = error.status;
6561
+ /**
6562
+ * Parse headers into an object
6563
+ *
6564
+ * ```
6565
+ * Date: Wed, 27 Aug 2014 08:58:49 GMT
6566
+ * Content-Type: application/json
6567
+ * Connection: keep-alive
6568
+ * Transfer-Encoding: chunked
6569
+ * ```
6570
+ *
6571
+ * @param {String} rawHeaders Headers needing to be parsed
6572
+ *
6573
+ * @returns {Object} Headers parsed into an object
6574
+ */
6575
+ var parseHeaders = (rawHeaders) => {
6576
+ const parsed = {};
6577
+ let key;
6578
+ let val;
6579
+ let i;
6580
+
6581
+ rawHeaders &&
6582
+ rawHeaders.split('\n').forEach(function parser(line) {
6583
+ i = line.indexOf(':');
6584
+ key = line.substring(0, i).trim().toLowerCase();
6585
+ val = line.substring(i + 1).trim();
6586
+
6587
+ if (!key || (parsed[key] && ignoreDuplicateOf[key])) {
6588
+ return;
6589
+ }
6590
+
6591
+ if (key === 'set-cookie') {
6592
+ if (parsed[key]) {
6593
+ parsed[key].push(val);
6594
+ } else {
6595
+ parsed[key] = [val];
6596
+ }
6597
+ } else {
6598
+ parsed[key] = parsed[key] ? parsed[key] + ', ' + val : val;
6599
+ }
6600
+ });
6601
+
6602
+ return parsed;
6603
+ };
6604
+
6605
+ function trimSPorHTAB(str) {
6606
+ let start = 0;
6607
+ let end = str.length;
6608
+
6609
+ while (start < end) {
6610
+ const code = str.charCodeAt(start);
6611
+
6612
+ if (code !== 0x09 && code !== 0x20) {
6613
+ break;
6413
6614
  }
6414
6615
 
6415
- customProps && Object.assign(axiosError, customProps);
6416
- return axiosError;
6616
+ start += 1;
6417
6617
  }
6418
6618
 
6419
- /**
6420
- * Create an Error with the specified message, config, error code, request and response.
6421
- *
6422
- * @param {string} message The error message.
6423
- * @param {string} [code] The error code (for example, 'ECONNABORTED').
6424
- * @param {Object} [config] The config.
6425
- * @param {Object} [request] The request.
6426
- * @param {Object} [response] The response.
6427
- *
6428
- * @returns {Error} The created error.
6429
- */
6430
- constructor(message, code, config, request, response) {
6431
- super(message);
6432
-
6433
- // Make message enumerable to maintain backward compatibility
6434
- // The native Error constructor sets message as non-enumerable,
6435
- // but axios < v1.13.3 had it as enumerable
6436
- Object.defineProperty(this, 'message', {
6437
- value: message,
6438
- enumerable: true,
6439
- writable: true,
6440
- configurable: true
6441
- });
6442
-
6443
- this.name = 'AxiosError';
6444
- this.isAxiosError = true;
6445
- code && (this.code = code);
6446
- config && (this.config = config);
6447
- request && (this.request = request);
6448
- if (response) {
6449
- this.response = response;
6450
- this.status = response.status;
6451
- }
6619
+ while (end > start) {
6620
+ const code = str.charCodeAt(end - 1);
6621
+
6622
+ if (code !== 0x09 && code !== 0x20) {
6623
+ break;
6452
6624
  }
6453
6625
 
6454
- toJSON() {
6455
- return {
6456
- // Standard
6457
- message: this.message,
6458
- name: this.name,
6459
- // Microsoft
6460
- description: this.description,
6461
- number: this.number,
6462
- // Mozilla
6463
- fileName: this.fileName,
6464
- lineNumber: this.lineNumber,
6465
- columnNumber: this.columnNumber,
6466
- stack: this.stack,
6467
- // Axios
6468
- config: utils$1.toJSONObject(this.config),
6469
- code: this.code,
6470
- status: this.status,
6471
- };
6626
+ end -= 1;
6472
6627
  }
6628
+
6629
+ return start === 0 && end === str.length ? str : str.slice(start, end);
6473
6630
  }
6474
6631
 
6475
- // This can be changed to static properties as soon as the parser options in .eslint.cjs are updated.
6476
- AxiosError.ERR_BAD_OPTION_VALUE = 'ERR_BAD_OPTION_VALUE';
6477
- AxiosError.ERR_BAD_OPTION = 'ERR_BAD_OPTION';
6478
- AxiosError.ECONNABORTED = 'ECONNABORTED';
6479
- AxiosError.ETIMEDOUT = 'ETIMEDOUT';
6480
- AxiosError.ERR_NETWORK = 'ERR_NETWORK';
6481
- AxiosError.ERR_FR_TOO_MANY_REDIRECTS = 'ERR_FR_TOO_MANY_REDIRECTS';
6482
- AxiosError.ERR_DEPRECATED = 'ERR_DEPRECATED';
6483
- AxiosError.ERR_BAD_RESPONSE = 'ERR_BAD_RESPONSE';
6484
- AxiosError.ERR_BAD_REQUEST = 'ERR_BAD_REQUEST';
6485
- AxiosError.ERR_CANCELED = 'ERR_CANCELED';
6486
- AxiosError.ERR_NOT_SUPPORT = 'ERR_NOT_SUPPORT';
6487
- AxiosError.ERR_INVALID_URL = 'ERR_INVALID_URL';
6632
+ // The control-code ranges are intentional: header sanitization strips C0/DEL bytes.
6633
+ // eslint-disable-next-line no-control-regex
6634
+ const INVALID_UNICODE_HEADER_VALUE_CHARS = new RegExp('[\\u0000-\\u0008\\u000a-\\u001f\\u007f]+', 'g');
6635
+ // eslint-disable-next-line no-control-regex
6636
+ const INVALID_BYTE_STRING_HEADER_VALUE_CHARS = new RegExp('[^\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+', 'g');
6488
6637
 
6489
- // eslint-disable-next-line strict
6490
- var httpAdapter = null;
6638
+ function sanitizeValue(value, invalidChars) {
6639
+ if (utils$1.isArray(value)) {
6640
+ return value.map((item) => sanitizeValue(item, invalidChars));
6641
+ }
6491
6642
 
6492
- /**
6493
- * Determines if the given thing is a array or js object.
6494
- *
6495
- * @param {string} thing - The object or array to be visited.
6496
- *
6497
- * @returns {boolean}
6498
- */
6499
- function isVisitable(thing) {
6500
- return utils$1.isPlainObject(thing) || utils$1.isArray(thing);
6643
+ return trimSPorHTAB(String(value).replace(invalidChars, ''));
6501
6644
  }
6502
6645
 
6503
- /**
6504
- * It removes the brackets from the end of a string
6505
- *
6506
- * @param {string} key - The key of the parameter.
6507
- *
6508
- * @returns {string} the key without the brackets.
6509
- */
6510
- function removeBrackets(key) {
6511
- return utils$1.endsWith(key, '[]') ? key.slice(0, -2) : key;
6646
+ const sanitizeHeaderValue = (value) =>
6647
+ sanitizeValue(value, INVALID_UNICODE_HEADER_VALUE_CHARS);
6648
+
6649
+ const sanitizeByteStringHeaderValue = (value) =>
6650
+ sanitizeValue(value, INVALID_BYTE_STRING_HEADER_VALUE_CHARS);
6651
+
6652
+ function toByteStringHeaderObject(headers) {
6653
+ const byteStringHeaders = Object.create(null);
6654
+
6655
+ utils$1.forEach(headers.toJSON(), (value, header) => {
6656
+ byteStringHeaders[header] = sanitizeByteStringHeaderValue(value);
6657
+ });
6658
+
6659
+ return byteStringHeaders;
6512
6660
  }
6513
6661
 
6514
- /**
6515
- * It takes a path, a key, and a boolean, and returns a string
6516
- *
6517
- * @param {string} path - The path to the current key.
6518
- * @param {string} key - The key of the current object being iterated over.
6519
- * @param {string} dots - If true, the key will be rendered with dots instead of brackets.
6520
- *
6521
- * @returns {string} The path to the current key.
6522
- */
6523
- function renderKey(path, key, dots) {
6524
- if (!path) return key;
6525
- return path
6526
- .concat(key)
6527
- .map(function each(token, i) {
6528
- // eslint-disable-next-line no-param-reassign
6529
- token = removeBrackets(token);
6530
- return !dots && i ? '[' + token + ']' : token;
6531
- })
6532
- .join(dots ? '.' : '');
6662
+ const $internals = Symbol('internals');
6663
+
6664
+ function normalizeHeader(header) {
6665
+ return header && String(header).trim().toLowerCase();
6533
6666
  }
6534
6667
 
6535
- /**
6536
- * If the array is an array and none of its elements are visitable, then it's a flat array.
6537
- *
6538
- * @param {Array<any>} arr - The array to check
6539
- *
6540
- * @returns {boolean}
6541
- */
6542
- function isFlatArray(arr) {
6543
- return utils$1.isArray(arr) && !arr.some(isVisitable);
6668
+ function normalizeValue(value) {
6669
+ if (value === false || value == null) {
6670
+ return value;
6671
+ }
6672
+
6673
+ return utils$1.isArray(value) ? value.map(normalizeValue) : sanitizeHeaderValue(String(value));
6544
6674
  }
6545
6675
 
6546
- const predicates = utils$1.toFlatObject(utils$1, {}, null, function filter(prop) {
6547
- return /^is[A-Z]/.test(prop);
6548
- });
6549
-
6550
- /**
6551
- * Convert a data object to FormData
6552
- *
6553
- * @param {Object} obj
6554
- * @param {?Object} [formData]
6555
- * @param {?Object} [options]
6556
- * @param {Function} [options.visitor]
6557
- * @param {Boolean} [options.metaTokens = true]
6558
- * @param {Boolean} [options.dots = false]
6559
- * @param {?Boolean} [options.indexes = false]
6560
- *
6561
- * @returns {Object}
6562
- **/
6676
+ function parseTokens(str) {
6677
+ const tokens = Object.create(null);
6678
+ const tokensRE = /([^\s,;=]+)\s*(?:=\s*([^,;]+))?/g;
6679
+ let match;
6563
6680
 
6564
- /**
6565
- * It converts an object into a FormData object
6566
- *
6567
- * @param {Object<any, any>} obj - The object to convert to form data.
6568
- * @param {string} formData - The FormData object to append to.
6569
- * @param {Object<string, any>} options
6570
- *
6571
- * @returns
6572
- */
6573
- function toFormData(obj, formData, options) {
6574
- if (!utils$1.isObject(obj)) {
6575
- throw new TypeError('target must be an object');
6681
+ while ((match = tokensRE.exec(str))) {
6682
+ tokens[match[1]] = match[2];
6576
6683
  }
6577
6684
 
6578
- // eslint-disable-next-line no-param-reassign
6579
- formData = formData || new (FormData)();
6685
+ return tokens;
6686
+ }
6580
6687
 
6581
- // eslint-disable-next-line no-param-reassign
6582
- options = utils$1.toFlatObject(
6583
- options,
6584
- {
6585
- metaTokens: true,
6586
- dots: false,
6587
- indexes: false,
6588
- },
6589
- false,
6590
- function defined(option, source) {
6591
- // eslint-disable-next-line no-eq-null,eqeqeq
6592
- return !utils$1.isUndefined(source[option]);
6593
- }
6594
- );
6688
+ const isValidHeaderName = (str) => /^[-_a-zA-Z0-9^`|~,!#$%&'*+.]+$/.test(str.trim());
6595
6689
 
6596
- const metaTokens = options.metaTokens;
6597
- // eslint-disable-next-line no-use-before-define
6598
- const visitor = options.visitor || defaultVisitor;
6599
- const dots = options.dots;
6600
- const indexes = options.indexes;
6601
- const _Blob = options.Blob || (typeof Blob !== 'undefined' && Blob);
6602
- const useBlob = _Blob && utils$1.isSpecCompliantForm(formData);
6690
+ function matchHeaderValue(context, value, header, filter, isHeaderNameFilter) {
6691
+ if (utils$1.isFunction(filter)) {
6692
+ return filter.call(this, value, header);
6693
+ }
6603
6694
 
6604
- if (!utils$1.isFunction(visitor)) {
6605
- throw new TypeError('visitor must be a function');
6695
+ if (isHeaderNameFilter) {
6696
+ value = header;
6606
6697
  }
6607
6698
 
6608
- function convertValue(value) {
6609
- if (value === null) return '';
6699
+ if (!utils$1.isString(value)) return;
6610
6700
 
6611
- if (utils$1.isDate(value)) {
6612
- return value.toISOString();
6613
- }
6701
+ if (utils$1.isString(filter)) {
6702
+ return value.indexOf(filter) !== -1;
6703
+ }
6614
6704
 
6615
- if (utils$1.isBoolean(value)) {
6616
- return value.toString();
6617
- }
6705
+ if (utils$1.isRegExp(filter)) {
6706
+ return filter.test(value);
6707
+ }
6708
+ }
6618
6709
 
6619
- if (!useBlob && utils$1.isBlob(value)) {
6620
- throw new AxiosError('Blob is not supported. Use a Buffer instead.');
6621
- }
6710
+ function formatHeader(header) {
6711
+ return header
6712
+ .trim()
6713
+ .toLowerCase()
6714
+ .replace(/([a-z\d])(\w*)/g, (w, char, str) => {
6715
+ return char.toUpperCase() + str;
6716
+ });
6717
+ }
6622
6718
 
6623
- if (utils$1.isArrayBuffer(value) || utils$1.isTypedArray(value)) {
6624
- return useBlob && typeof Blob === 'function' ? new Blob([value]) : Buffer.from(value);
6625
- }
6719
+ function buildAccessors(obj, header) {
6720
+ const accessorName = utils$1.toCamelCase(' ' + header);
6626
6721
 
6627
- return value;
6722
+ ['get', 'set', 'has'].forEach((methodName) => {
6723
+ Object.defineProperty(obj, methodName + accessorName, {
6724
+ // Null-proto descriptor so a polluted Object.prototype.get cannot turn
6725
+ // this data descriptor into an accessor descriptor on the way in.
6726
+ __proto__: null,
6727
+ value: function (arg1, arg2, arg3) {
6728
+ return this[methodName].call(this, header, arg1, arg2, arg3);
6729
+ },
6730
+ configurable: true,
6731
+ });
6732
+ });
6733
+ }
6734
+
6735
+ class AxiosHeaders {
6736
+ constructor(headers) {
6737
+ headers && this.set(headers);
6628
6738
  }
6629
6739
 
6630
- /**
6631
- * Default visitor.
6632
- *
6633
- * @param {*} value
6634
- * @param {String|Number} key
6635
- * @param {Array<String|Number>} path
6636
- * @this {FormData}
6637
- *
6638
- * @returns {boolean} return true to visit the each prop of the value recursively
6639
- */
6640
- function defaultVisitor(value, key, path) {
6641
- let arr = value;
6740
+ set(header, valueOrRewrite, rewrite) {
6741
+ const self = this;
6642
6742
 
6643
- if (utils$1.isReactNative(formData) && utils$1.isReactNativeBlob(value)) {
6644
- formData.append(renderKey(path, key, dots), convertValue(value));
6645
- return false;
6646
- }
6743
+ function setHeader(_value, _header, _rewrite) {
6744
+ const lHeader = normalizeHeader(_header);
6647
6745
 
6648
- if (value && !path && typeof value === 'object') {
6649
- if (utils$1.endsWith(key, '{}')) {
6650
- // eslint-disable-next-line no-param-reassign
6651
- key = metaTokens ? key : key.slice(0, -2);
6652
- // eslint-disable-next-line no-param-reassign
6653
- value = JSON.stringify(value);
6654
- } else if (
6655
- (utils$1.isArray(value) && isFlatArray(value)) ||
6656
- ((utils$1.isFileList(value) || utils$1.endsWith(key, '[]')) && (arr = utils$1.toArray(value)))
6657
- ) {
6658
- // eslint-disable-next-line no-param-reassign
6659
- key = removeBrackets(key);
6746
+ if (!lHeader) {
6747
+ return;
6748
+ }
6660
6749
 
6661
- arr.forEach(function each(el, index) {
6662
- !(utils$1.isUndefined(el) || el === null) &&
6663
- formData.append(
6664
- // eslint-disable-next-line no-nested-ternary
6665
- indexes === true
6666
- ? renderKey([key], index, dots)
6667
- : indexes === null
6668
- ? key
6669
- : key + '[]',
6670
- convertValue(el)
6671
- );
6672
- });
6673
- return false;
6750
+ const key = utils$1.findKey(self, lHeader);
6751
+
6752
+ if (
6753
+ !key ||
6754
+ self[key] === undefined ||
6755
+ _rewrite === true ||
6756
+ (_rewrite === undefined && self[key] !== false)
6757
+ ) {
6758
+ self[key || _header] = normalizeValue(_value);
6674
6759
  }
6675
6760
  }
6676
6761
 
6677
- if (isVisitable(value)) {
6678
- return true;
6679
- }
6762
+ const setHeaders = (headers, _rewrite) =>
6763
+ utils$1.forEach(headers, (_value, _header) => setHeader(_value, _header, _rewrite));
6680
6764
 
6681
- formData.append(renderKey(path, key, dots), convertValue(value));
6765
+ if (utils$1.isPlainObject(header) || header instanceof this.constructor) {
6766
+ setHeaders(header, valueOrRewrite);
6767
+ } else if (utils$1.isString(header) && (header = header.trim()) && !isValidHeaderName(header)) {
6768
+ setHeaders(parseHeaders(header), valueOrRewrite);
6769
+ } else if (utils$1.isObject(header) && utils$1.isSafeIterable(header)) {
6770
+ let obj = Object.create(null),
6771
+ dest,
6772
+ key;
6773
+ for (const entry of header) {
6774
+ if (!utils$1.isArray(entry)) {
6775
+ throw new TypeError('Object iterator must return a key-value pair');
6776
+ }
6682
6777
 
6683
- return false;
6778
+ key = entry[0];
6779
+
6780
+ if (utils$1.hasOwnProp(obj, key)) {
6781
+ dest = obj[key];
6782
+ obj[key] = utils$1.isArray(dest) ? [...dest, entry[1]] : [dest, entry[1]];
6783
+ } else {
6784
+ obj[key] = entry[1];
6785
+ }
6786
+ }
6787
+
6788
+ setHeaders(obj, valueOrRewrite);
6789
+ } else {
6790
+ header != null && setHeader(valueOrRewrite, header, rewrite);
6791
+ }
6792
+
6793
+ return this;
6684
6794
  }
6685
6795
 
6686
- const stack = [];
6796
+ get(header, parser) {
6797
+ header = normalizeHeader(header);
6687
6798
 
6688
- const exposedHelpers = Object.assign(predicates, {
6689
- defaultVisitor,
6690
- convertValue,
6691
- isVisitable,
6692
- });
6799
+ if (header) {
6800
+ const key = utils$1.findKey(this, header);
6693
6801
 
6694
- function build(value, path) {
6695
- if (utils$1.isUndefined(value)) return;
6802
+ if (key) {
6803
+ const value = this[key];
6696
6804
 
6697
- if (stack.indexOf(value) !== -1) {
6698
- throw Error('Circular reference detected in ' + path.join('.'));
6699
- }
6805
+ if (!parser) {
6806
+ return value;
6807
+ }
6700
6808
 
6701
- stack.push(value);
6809
+ if (parser === true) {
6810
+ return parseTokens(value);
6811
+ }
6702
6812
 
6703
- utils$1.forEach(value, function each(el, key) {
6704
- const result =
6705
- !(utils$1.isUndefined(el) || el === null) &&
6706
- visitor.call(formData, el, utils$1.isString(key) ? key.trim() : key, path, exposedHelpers);
6813
+ if (utils$1.isFunction(parser)) {
6814
+ return parser.call(this, value, key);
6815
+ }
6707
6816
 
6708
- if (result === true) {
6709
- build(el, path ? path.concat(key) : [key]);
6710
- }
6711
- });
6817
+ if (utils$1.isRegExp(parser)) {
6818
+ return parser.exec(value);
6819
+ }
6712
6820
 
6713
- stack.pop();
6821
+ throw new TypeError('parser must be boolean|regexp|function');
6822
+ }
6823
+ }
6714
6824
  }
6715
6825
 
6716
- if (!utils$1.isObject(obj)) {
6717
- throw new TypeError('data must be an object');
6718
- }
6826
+ has(header, matcher) {
6827
+ header = normalizeHeader(header);
6719
6828
 
6720
- build(obj);
6829
+ if (header) {
6830
+ const key = utils$1.findKey(this, header);
6721
6831
 
6722
- return formData;
6723
- }
6832
+ return !!(
6833
+ key &&
6834
+ this[key] !== undefined &&
6835
+ (!matcher || matchHeaderValue(this, this[key], key, matcher))
6836
+ );
6837
+ }
6724
6838
 
6725
- /**
6726
- * It encodes a string by replacing all characters that are not in the unreserved set with
6727
- * their percent-encoded equivalents
6728
- *
6729
- * @param {string} str - The string to encode.
6730
- *
6731
- * @returns {string} The encoded string.
6732
- */
6733
- function encode$1(str) {
6734
- const charMap = {
6735
- '!': '%21',
6736
- "'": '%27',
6737
- '(': '%28',
6738
- ')': '%29',
6739
- '~': '%7E',
6740
- '%20': '+',
6741
- '%00': '\x00',
6742
- };
6743
- return encodeURIComponent(str).replace(/[!'()~]|%20|%00/g, function replacer(match) {
6744
- return charMap[match];
6745
- });
6746
- }
6839
+ return false;
6840
+ }
6747
6841
 
6748
- /**
6749
- * It takes a params object and converts it to a FormData object
6750
- *
6751
- * @param {Object<string, any>} params - The parameters to be converted to a FormData object.
6752
- * @param {Object<string, any>} options - The options object passed to the Axios constructor.
6753
- *
6754
- * @returns {void}
6755
- */
6756
- function AxiosURLSearchParams(params, options) {
6757
- this._pairs = [];
6842
+ delete(header, matcher) {
6843
+ const self = this;
6844
+ let deleted = false;
6758
6845
 
6759
- params && toFormData(params, this, options);
6760
- }
6846
+ function deleteHeader(_header) {
6847
+ _header = normalizeHeader(_header);
6761
6848
 
6762
- const prototype = AxiosURLSearchParams.prototype;
6849
+ if (_header) {
6850
+ const key = utils$1.findKey(self, _header);
6763
6851
 
6764
- prototype.append = function append(name, value) {
6765
- this._pairs.push([name, value]);
6766
- };
6852
+ if (key && (!matcher || matchHeaderValue(self, self[key], key, matcher))) {
6853
+ delete self[key];
6767
6854
 
6768
- prototype.toString = function toString(encoder) {
6769
- const _encode = encoder
6770
- ? function (value) {
6771
- return encoder.call(this, value, encode$1);
6855
+ deleted = true;
6856
+ }
6772
6857
  }
6773
- : encode$1;
6858
+ }
6774
6859
 
6775
- return this._pairs
6776
- .map(function each(pair) {
6777
- return _encode(pair[0]) + '=' + _encode(pair[1]);
6778
- }, '')
6779
- .join('&');
6780
- };
6860
+ if (utils$1.isArray(header)) {
6861
+ header.forEach(deleteHeader);
6862
+ } else {
6863
+ deleteHeader(header);
6864
+ }
6781
6865
 
6782
- /**
6783
- * It replaces URL-encoded forms of `:`, `$`, `,`, and spaces with
6784
- * their plain counterparts (`:`, `$`, `,`, `+`).
6785
- *
6786
- * @param {string} val The value to be encoded.
6787
- *
6788
- * @returns {string} The encoded value.
6789
- */
6790
- function encode(val) {
6791
- return encodeURIComponent(val)
6792
- .replace(/%3A/gi, ':')
6793
- .replace(/%24/g, '$')
6794
- .replace(/%2C/gi, ',')
6795
- .replace(/%20/g, '+');
6796
- }
6866
+ return deleted;
6867
+ }
6797
6868
 
6798
- /**
6799
- * Build a URL by appending params to the end
6800
- *
6801
- * @param {string} url The base of the url (e.g., http://www.google.com)
6802
- * @param {object} [params] The params to be appended
6803
- * @param {?(object|Function)} options
6804
- *
6805
- * @returns {string} The formatted url
6806
- */
6807
- function buildURL(url, params, options) {
6808
- if (!params) {
6809
- return url;
6869
+ clear(matcher) {
6870
+ const keys = Object.keys(this);
6871
+ let i = keys.length;
6872
+ let deleted = false;
6873
+
6874
+ while (i--) {
6875
+ const key = keys[i];
6876
+ if (!matcher || matchHeaderValue(this, this[key], key, matcher, true)) {
6877
+ delete this[key];
6878
+ deleted = true;
6879
+ }
6880
+ }
6881
+
6882
+ return deleted;
6810
6883
  }
6811
6884
 
6812
- const _encode = (options && options.encode) || encode;
6885
+ normalize(format) {
6886
+ const self = this;
6887
+ const headers = {};
6813
6888
 
6814
- const _options = utils$1.isFunction(options)
6815
- ? {
6816
- serialize: options,
6889
+ utils$1.forEach(this, (value, header) => {
6890
+ const key = utils$1.findKey(headers, header);
6891
+
6892
+ if (key) {
6893
+ self[key] = normalizeValue(value);
6894
+ delete self[header];
6895
+ return;
6817
6896
  }
6818
- : options;
6819
6897
 
6820
- const serializeFn = _options && _options.serialize;
6898
+ const normalized = format ? formatHeader(header) : String(header).trim();
6821
6899
 
6822
- let serializedParams;
6900
+ if (normalized !== header) {
6901
+ delete self[header];
6902
+ }
6823
6903
 
6824
- if (serializeFn) {
6825
- serializedParams = serializeFn(params, _options);
6826
- } else {
6827
- serializedParams = utils$1.isURLSearchParams(params)
6828
- ? params.toString()
6829
- : new AxiosURLSearchParams(params, _options).toString(_encode);
6830
- }
6904
+ self[normalized] = normalizeValue(value);
6831
6905
 
6832
- if (serializedParams) {
6833
- const hashmarkIndex = url.indexOf('#');
6906
+ headers[normalized] = true;
6907
+ });
6834
6908
 
6835
- if (hashmarkIndex !== -1) {
6836
- url = url.slice(0, hashmarkIndex);
6837
- }
6838
- url += (url.indexOf('?') === -1 ? '?' : '&') + serializedParams;
6909
+ return this;
6839
6910
  }
6840
6911
 
6841
- return url;
6842
- }
6843
-
6844
- class InterceptorManager {
6845
- constructor() {
6846
- this.handlers = [];
6912
+ concat(...targets) {
6913
+ return this.constructor.concat(this, ...targets);
6847
6914
  }
6848
6915
 
6849
- /**
6850
- * Add a new interceptor to the stack
6851
- *
6852
- * @param {Function} fulfilled The function to handle `then` for a `Promise`
6853
- * @param {Function} rejected The function to handle `reject` for a `Promise`
6854
- * @param {Object} options The options for the interceptor, synchronous and runWhen
6855
- *
6856
- * @return {Number} An ID used to remove interceptor later
6857
- */
6858
- use(fulfilled, rejected, options) {
6859
- this.handlers.push({
6860
- fulfilled,
6861
- rejected,
6862
- synchronous: options ? options.synchronous : false,
6863
- runWhen: options ? options.runWhen : null,
6916
+ toJSON(asStrings) {
6917
+ const obj = Object.create(null);
6918
+
6919
+ utils$1.forEach(this, (value, header) => {
6920
+ value != null &&
6921
+ value !== false &&
6922
+ (obj[header] = asStrings && utils$1.isArray(value) ? value.join(', ') : value);
6864
6923
  });
6865
- return this.handlers.length - 1;
6924
+
6925
+ return obj;
6866
6926
  }
6867
6927
 
6868
- /**
6869
- * Remove an interceptor from the stack
6870
- *
6871
- * @param {Number} id The ID that was returned by `use`
6872
- *
6873
- * @returns {void}
6874
- */
6875
- eject(id) {
6876
- if (this.handlers[id]) {
6877
- this.handlers[id] = null;
6878
- }
6928
+ [Symbol.iterator]() {
6929
+ return Object.entries(this.toJSON())[Symbol.iterator]();
6879
6930
  }
6880
6931
 
6881
- /**
6882
- * Clear all interceptors from the stack
6883
- *
6884
- * @returns {void}
6885
- */
6886
- clear() {
6887
- if (this.handlers) {
6888
- this.handlers = [];
6889
- }
6932
+ toString() {
6933
+ return Object.entries(this.toJSON())
6934
+ .map(([header, value]) => header + ': ' + value)
6935
+ .join('\n');
6890
6936
  }
6891
6937
 
6892
- /**
6893
- * Iterate over all the registered interceptors
6894
- *
6895
- * This method is particularly useful for skipping over any
6896
- * interceptors that may have become `null` calling `eject`.
6897
- *
6898
- * @param {Function} fn The function to call for each interceptor
6899
- *
6900
- * @returns {void}
6901
- */
6902
- forEach(fn) {
6903
- utils$1.forEach(this.handlers, function forEachHandler(h) {
6904
- if (h !== null) {
6905
- fn(h);
6906
- }
6907
- });
6938
+ getSetCookie() {
6939
+ return this.get('set-cookie') || [];
6908
6940
  }
6909
- }
6910
6941
 
6911
- var transitionalDefaults = {
6912
- silentJSONParsing: true,
6913
- forcedJSONParsing: true,
6914
- clarifyTimeoutError: false,
6915
- legacyInterceptorReqResOrdering: true,
6916
- };
6942
+ get [Symbol.toStringTag]() {
6943
+ return 'AxiosHeaders';
6944
+ }
6917
6945
 
6918
- var URLSearchParams$1 = typeof URLSearchParams !== 'undefined' ? URLSearchParams : AxiosURLSearchParams;
6946
+ static from(thing) {
6947
+ return thing instanceof this ? thing : new this(thing);
6948
+ }
6919
6949
 
6920
- var FormData$1 = typeof FormData !== 'undefined' ? FormData : null;
6950
+ static concat(first, ...targets) {
6951
+ const computed = new this(first);
6921
6952
 
6922
- var Blob$1 = typeof Blob !== 'undefined' ? Blob : null;
6953
+ targets.forEach((target) => computed.set(target));
6923
6954
 
6924
- var platform$1 = {
6925
- isBrowser: true,
6926
- classes: {
6927
- URLSearchParams: URLSearchParams$1,
6928
- FormData: FormData$1,
6929
- Blob: Blob$1,
6930
- },
6931
- protocols: ['http', 'https', 'file', 'blob', 'url', 'data'],
6932
- };
6955
+ return computed;
6956
+ }
6933
6957
 
6934
- const hasBrowserEnv = typeof window !== 'undefined' && typeof document !== 'undefined';
6958
+ static accessor(header) {
6959
+ const internals =
6960
+ (this[$internals] =
6961
+ this[$internals] =
6962
+ {
6963
+ accessors: {},
6964
+ });
6935
6965
 
6936
- const _navigator = (typeof navigator === 'object' && navigator) || undefined;
6966
+ const accessors = internals.accessors;
6967
+ const prototype = this.prototype;
6937
6968
 
6938
- /**
6939
- * Determine if we're running in a standard browser environment
6940
- *
6941
- * This allows axios to run in a web worker, and react-native.
6942
- * Both environments support XMLHttpRequest, but not fully standard globals.
6943
- *
6944
- * web workers:
6945
- * typeof window -> undefined
6946
- * typeof document -> undefined
6947
- *
6948
- * react-native:
6949
- * navigator.product -> 'ReactNative'
6950
- * nativescript
6951
- * navigator.product -> 'NativeScript' or 'NS'
6952
- *
6953
- * @returns {boolean}
6954
- */
6955
- const hasStandardBrowserEnv =
6956
- hasBrowserEnv &&
6957
- (!_navigator || ['ReactNative', 'NativeScript', 'NS'].indexOf(_navigator.product) < 0);
6969
+ function defineAccessor(_header) {
6970
+ const lHeader = normalizeHeader(_header);
6958
6971
 
6959
- /**
6960
- * Determine if we're running in a standard browser webWorker environment
6961
- *
6962
- * Although the `isStandardBrowserEnv` method indicates that
6963
- * `allows axios to run in a web worker`, the WebWorker will still be
6964
- * filtered out due to its judgment standard
6965
- * `typeof window !== 'undefined' && typeof document !== 'undefined'`.
6966
- * This leads to a problem when axios post `FormData` in webWorker
6967
- */
6968
- const hasStandardBrowserWebWorkerEnv = (() => {
6969
- return (
6970
- typeof WorkerGlobalScope !== 'undefined' &&
6971
- // eslint-disable-next-line no-undef
6972
- self instanceof WorkerGlobalScope &&
6973
- typeof self.importScripts === 'function'
6974
- );
6975
- })();
6972
+ if (!accessors[lHeader]) {
6973
+ buildAccessors(prototype, _header);
6974
+ accessors[lHeader] = true;
6975
+ }
6976
+ }
6976
6977
 
6977
- const origin = (hasBrowserEnv && window.location.href) || 'http://localhost';
6978
+ utils$1.isArray(header) ? header.forEach(defineAccessor) : defineAccessor(header);
6978
6979
 
6979
- var utils = /*#__PURE__*/Object.freeze({
6980
- __proto__: null,
6981
- hasBrowserEnv: hasBrowserEnv,
6982
- hasStandardBrowserEnv: hasStandardBrowserEnv,
6983
- hasStandardBrowserWebWorkerEnv: hasStandardBrowserWebWorkerEnv,
6984
- navigator: _navigator,
6985
- origin: origin
6980
+ return this;
6981
+ }
6982
+ }
6983
+
6984
+ AxiosHeaders.accessor([
6985
+ 'Content-Type',
6986
+ 'Content-Length',
6987
+ 'Accept',
6988
+ 'Accept-Encoding',
6989
+ 'User-Agent',
6990
+ 'Authorization',
6991
+ ]);
6992
+
6993
+ // reserved names hotfix
6994
+ utils$1.reduceDescriptors(AxiosHeaders.prototype, ({ value }, key) => {
6995
+ let mapped = key[0].toUpperCase() + key.slice(1); // map `set` => `Set`
6996
+ return {
6997
+ get: () => value,
6998
+ set(headerValue) {
6999
+ this[mapped] = headerValue;
7000
+ },
7001
+ };
6986
7002
  });
6987
7003
 
6988
- var platform = {
6989
- ...utils,
6990
- ...platform$1,
6991
- };
7004
+ utils$1.freezeMethods(AxiosHeaders);
6992
7005
 
6993
- function toURLEncodedForm(data, options) {
6994
- return toFormData(data, new platform.classes.URLSearchParams(), {
6995
- visitor: function (value, key, path, helpers) {
6996
- if (platform.isNode && utils$1.isBuffer(value)) {
6997
- this.append(key, value.toString('base64'));
6998
- return false;
6999
- }
7006
+ const REDACTED = '[REDACTED ****]';
7000
7007
 
7001
- return helpers.defaultVisitor.apply(this, arguments);
7002
- },
7003
- ...options,
7004
- });
7005
- }
7008
+ function hasOwnOrPrototypeToJSON(source) {
7009
+ if (utils$1.hasOwnProp(source, 'toJSON')) {
7010
+ return true;
7011
+ }
7006
7012
 
7007
- /**
7008
- * It takes a string like `foo[x][y][z]` and returns an array like `['foo', 'x', 'y', 'z']
7009
- *
7010
- * @param {string} name - The name of the property to get.
7011
- *
7012
- * @returns An array of strings.
7013
- */
7014
- function parsePropPath(name) {
7015
- // foo[x][y][z]
7016
- // foo.x.y.z
7017
- // foo-x-y-z
7018
- // foo x y z
7019
- return utils$1.matchAll(/\w+|\[(\w*)]/g, name).map((match) => {
7020
- return match[0] === '[]' ? '' : match[1] || match[0];
7021
- });
7022
- }
7013
+ let prototype = Object.getPrototypeOf(source);
7023
7014
 
7024
- /**
7025
- * Convert an array to an object.
7026
- *
7027
- * @param {Array<any>} arr - The array to convert to an object.
7028
- *
7029
- * @returns An object with the same keys and values as the array.
7030
- */
7031
- function arrayToObject(arr) {
7032
- const obj = {};
7033
- const keys = Object.keys(arr);
7034
- let i;
7035
- const len = keys.length;
7036
- let key;
7037
- for (i = 0; i < len; i++) {
7038
- key = keys[i];
7039
- obj[key] = arr[key];
7015
+ while (prototype && prototype !== Object.prototype) {
7016
+ if (utils$1.hasOwnProp(prototype, 'toJSON')) {
7017
+ return true;
7018
+ }
7019
+
7020
+ prototype = Object.getPrototypeOf(prototype);
7040
7021
  }
7041
- return obj;
7022
+
7023
+ return false;
7042
7024
  }
7043
7025
 
7044
- /**
7045
- * It takes a FormData object and returns a JavaScript object
7046
- *
7047
- * @param {string} formData The FormData object to convert to JSON.
7048
- *
7049
- * @returns {Object<string, any> | null} The converted object.
7050
- */
7051
- function formDataToJSON(formData) {
7052
- function buildPath(path, value, target, index) {
7053
- let name = path[index++];
7026
+ // Build a plain-object snapshot of `config` and replace the value of any key
7027
+ // (case-insensitive) listed in `redactKeys` with REDACTED. Walks through arrays
7028
+ // and AxiosHeaders, and short-circuits on circular references.
7029
+ function redactConfig(config, redactKeys) {
7030
+ const lowerKeys = new Set(redactKeys.map((k) => String(k).toLowerCase()));
7031
+ const seen = [];
7054
7032
 
7055
- if (name === '__proto__') return true;
7033
+ const visit = (source) => {
7034
+ if (source === null || typeof source !== 'object') return source;
7035
+ if (utils$1.isBuffer(source)) return source;
7036
+ if (seen.indexOf(source) !== -1) return undefined;
7056
7037
 
7057
- const isNumericKey = Number.isFinite(+name);
7058
- const isLast = index >= path.length;
7059
- name = !name && utils$1.isArray(target) ? target.length : name;
7038
+ if (source instanceof AxiosHeaders) {
7039
+ source = source.toJSON();
7040
+ }
7060
7041
 
7061
- if (isLast) {
7062
- if (utils$1.hasOwnProp(target, name)) {
7063
- target[name] = [target[name], value];
7064
- } else {
7065
- target[name] = value;
7042
+ seen.push(source);
7043
+
7044
+ let result;
7045
+ if (utils$1.isArray(source)) {
7046
+ result = [];
7047
+ source.forEach((v, i) => {
7048
+ const reducedValue = visit(v);
7049
+ if (!utils$1.isUndefined(reducedValue)) {
7050
+ result[i] = reducedValue;
7051
+ }
7052
+ });
7053
+ } else {
7054
+ if (!utils$1.isPlainObject(source) && hasOwnOrPrototypeToJSON(source)) {
7055
+ seen.pop();
7056
+ return source;
7066
7057
  }
7067
7058
 
7068
- return !isNumericKey;
7059
+ result = Object.create(null);
7060
+ for (const [key, value] of Object.entries(source)) {
7061
+ const reducedValue = lowerKeys.has(key.toLowerCase()) ? REDACTED : visit(value);
7062
+ if (!utils$1.isUndefined(reducedValue)) {
7063
+ result[key] = reducedValue;
7064
+ }
7065
+ }
7069
7066
  }
7070
7067
 
7071
- if (!target[name] || !utils$1.isObject(target[name])) {
7072
- target[name] = [];
7073
- }
7068
+ seen.pop();
7069
+ return result;
7070
+ };
7074
7071
 
7075
- const result = buildPath(path, value, target[name], index);
7072
+ return visit(config);
7073
+ }
7076
7074
 
7077
- if (result && utils$1.isArray(target[name])) {
7078
- target[name] = arrayToObject(target[name]);
7075
+ class AxiosError extends Error {
7076
+ static from(error, code, config, request, response, customProps) {
7077
+ const axiosError = new AxiosError(error.message, code || error.code, config, request, response);
7078
+ axiosError.cause = error;
7079
+ axiosError.name = error.name;
7080
+
7081
+ // Preserve status from the original error if not already set from response
7082
+ if (error.status != null && axiosError.status == null) {
7083
+ axiosError.status = error.status;
7079
7084
  }
7080
7085
 
7081
- return !isNumericKey;
7086
+ customProps && Object.assign(axiosError, customProps);
7087
+ return axiosError;
7082
7088
  }
7083
7089
 
7084
- if (utils$1.isFormData(formData) && utils$1.isFunction(formData.entries)) {
7085
- const obj = {};
7086
-
7087
- utils$1.forEachEntry(formData, (name, value) => {
7088
- buildPath(parsePropPath(name), value, obj, 0);
7090
+ /**
7091
+ * Create an Error with the specified message, config, error code, request and response.
7092
+ *
7093
+ * @param {string} message The error message.
7094
+ * @param {string} [code] The error code (for example, 'ECONNABORTED').
7095
+ * @param {Object} [config] The config.
7096
+ * @param {Object} [request] The request.
7097
+ * @param {Object} [response] The response.
7098
+ *
7099
+ * @returns {Error} The created error.
7100
+ */
7101
+ constructor(message, code, config, request, response) {
7102
+ super(message);
7103
+
7104
+ // Make message enumerable to maintain backward compatibility
7105
+ // The native Error constructor sets message as non-enumerable,
7106
+ // but axios < v1.13.3 had it as enumerable
7107
+ Object.defineProperty(this, 'message', {
7108
+ // Null-proto descriptor so a polluted Object.prototype.get cannot turn
7109
+ // this data descriptor into an accessor descriptor on the way in.
7110
+ __proto__: null,
7111
+ value: message,
7112
+ enumerable: true,
7113
+ writable: true,
7114
+ configurable: true,
7089
7115
  });
7090
7116
 
7091
- return obj;
7117
+ this.name = 'AxiosError';
7118
+ this.isAxiosError = true;
7119
+ code && (this.code = code);
7120
+ config && (this.config = config);
7121
+ request && (this.request = request);
7122
+ if (response) {
7123
+ this.response = response;
7124
+ this.status = response.status;
7125
+ }
7092
7126
  }
7093
7127
 
7094
- return null;
7128
+ toJSON() {
7129
+ // Opt-in redaction: when the request config carries a `redact` array, the
7130
+ // value of any matching key (case-insensitive, at any depth) is replaced
7131
+ // with REDACTED in the serialized snapshot. Undefined or empty leaves the
7132
+ // existing serialization behavior unchanged.
7133
+ const config = this.config;
7134
+ const redactKeys = config && utils$1.hasOwnProp(config, 'redact') ? config.redact : undefined;
7135
+ const serializedConfig =
7136
+ utils$1.isArray(redactKeys) && redactKeys.length > 0
7137
+ ? redactConfig(config, redactKeys)
7138
+ : utils$1.toJSONObject(config);
7139
+
7140
+ return {
7141
+ // Standard
7142
+ message: this.message,
7143
+ name: this.name,
7144
+ // Microsoft
7145
+ description: this.description,
7146
+ number: this.number,
7147
+ // Mozilla
7148
+ fileName: this.fileName,
7149
+ lineNumber: this.lineNumber,
7150
+ columnNumber: this.columnNumber,
7151
+ stack: this.stack,
7152
+ // Axios
7153
+ config: serializedConfig,
7154
+ code: this.code,
7155
+ status: this.status,
7156
+ };
7157
+ }
7095
7158
  }
7096
7159
 
7160
+ // This can be changed to static properties as soon as the parser options in .eslint.cjs are updated.
7161
+ AxiosError.ERR_BAD_OPTION_VALUE = 'ERR_BAD_OPTION_VALUE';
7162
+ AxiosError.ERR_BAD_OPTION = 'ERR_BAD_OPTION';
7163
+ AxiosError.ECONNABORTED = 'ECONNABORTED';
7164
+ AxiosError.ETIMEDOUT = 'ETIMEDOUT';
7165
+ AxiosError.ECONNREFUSED = 'ECONNREFUSED';
7166
+ AxiosError.ERR_NETWORK = 'ERR_NETWORK';
7167
+ AxiosError.ERR_FR_TOO_MANY_REDIRECTS = 'ERR_FR_TOO_MANY_REDIRECTS';
7168
+ AxiosError.ERR_DEPRECATED = 'ERR_DEPRECATED';
7169
+ AxiosError.ERR_BAD_RESPONSE = 'ERR_BAD_RESPONSE';
7170
+ AxiosError.ERR_BAD_REQUEST = 'ERR_BAD_REQUEST';
7171
+ AxiosError.ERR_CANCELED = 'ERR_CANCELED';
7172
+ AxiosError.ERR_NOT_SUPPORT = 'ERR_NOT_SUPPORT';
7173
+ AxiosError.ERR_INVALID_URL = 'ERR_INVALID_URL';
7174
+ AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED = 'ERR_FORM_DATA_DEPTH_EXCEEDED';
7175
+
7176
+ // eslint-disable-next-line strict
7177
+ var httpAdapter = null;
7178
+
7179
+ // Default nesting limit shared with the inverse transform (formDataToJSON) so
7180
+ // the FormData <-> JSON round-trip stays symmetric.
7181
+ const DEFAULT_FORM_DATA_MAX_DEPTH = 100;
7182
+
7097
7183
  /**
7098
- * It takes a string, tries to parse it, and if it fails, it returns the stringified version
7099
- * of the input
7184
+ * Determines if the given thing is a array or js object.
7100
7185
  *
7101
- * @param {any} rawValue - The value to be stringified.
7102
- * @param {Function} parser - A function that parses a string into a JavaScript object.
7103
- * @param {Function} encoder - A function that takes a value and returns a string.
7186
+ * @param {string} thing - The object or array to be visited.
7104
7187
  *
7105
- * @returns {string} A stringified version of the rawValue.
7188
+ * @returns {boolean}
7106
7189
  */
7107
- function stringifySafely(rawValue, parser, encoder) {
7108
- if (utils$1.isString(rawValue)) {
7109
- try {
7110
- (parser || JSON.parse)(rawValue);
7111
- return utils$1.trim(rawValue);
7112
- } catch (e) {
7113
- if (e.name !== 'SyntaxError') {
7114
- throw e;
7115
- }
7116
- }
7117
- }
7118
-
7119
- return (encoder || JSON.stringify)(rawValue);
7190
+ function isVisitable(thing) {
7191
+ return utils$1.isPlainObject(thing) || utils$1.isArray(thing);
7120
7192
  }
7121
7193
 
7122
- const defaults = {
7123
- transitional: transitionalDefaults,
7124
-
7125
- adapter: ['xhr', 'http', 'fetch'],
7194
+ /**
7195
+ * It removes the brackets from the end of a string
7196
+ *
7197
+ * @param {string} key - The key of the parameter.
7198
+ *
7199
+ * @returns {string} the key without the brackets.
7200
+ */
7201
+ function removeBrackets(key) {
7202
+ return utils$1.endsWith(key, '[]') ? key.slice(0, -2) : key;
7203
+ }
7126
7204
 
7127
- transformRequest: [
7128
- function transformRequest(data, headers) {
7129
- const contentType = headers.getContentType() || '';
7130
- const hasJSONContentType = contentType.indexOf('application/json') > -1;
7131
- const isObjectPayload = utils$1.isObject(data);
7205
+ /**
7206
+ * It takes a path, a key, and a boolean, and returns a string
7207
+ *
7208
+ * @param {string} path - The path to the current key.
7209
+ * @param {string} key - The key of the current object being iterated over.
7210
+ * @param {string} dots - If true, the key will be rendered with dots instead of brackets.
7211
+ *
7212
+ * @returns {string} The path to the current key.
7213
+ */
7214
+ function renderKey(path, key, dots) {
7215
+ if (!path) return key;
7216
+ return path
7217
+ .concat(key)
7218
+ .map(function each(token, i) {
7219
+ // eslint-disable-next-line no-param-reassign
7220
+ token = removeBrackets(token);
7221
+ return !dots && i ? '[' + token + ']' : token;
7222
+ })
7223
+ .join(dots ? '.' : '');
7224
+ }
7132
7225
 
7133
- if (isObjectPayload && utils$1.isHTMLForm(data)) {
7134
- data = new FormData(data);
7135
- }
7226
+ /**
7227
+ * If the array is an array and none of its elements are visitable, then it's a flat array.
7228
+ *
7229
+ * @param {Array<any>} arr - The array to check
7230
+ *
7231
+ * @returns {boolean}
7232
+ */
7233
+ function isFlatArray(arr) {
7234
+ return utils$1.isArray(arr) && !arr.some(isVisitable);
7235
+ }
7136
7236
 
7137
- const isFormData = utils$1.isFormData(data);
7237
+ const predicates = utils$1.toFlatObject(utils$1, {}, null, function filter(prop) {
7238
+ return /^is[A-Z]/.test(prop);
7239
+ });
7138
7240
 
7139
- if (isFormData) {
7140
- return hasJSONContentType ? JSON.stringify(formDataToJSON(data)) : data;
7141
- }
7241
+ /**
7242
+ * Convert a data object to FormData
7243
+ *
7244
+ * @param {Object} obj
7245
+ * @param {?Object} [formData]
7246
+ * @param {?Object} [options]
7247
+ * @param {Function} [options.visitor]
7248
+ * @param {Boolean} [options.metaTokens = true]
7249
+ * @param {Boolean} [options.dots = false]
7250
+ * @param {?Boolean} [options.indexes = false]
7251
+ *
7252
+ * @returns {Object}
7253
+ **/
7142
7254
 
7143
- if (
7144
- utils$1.isArrayBuffer(data) ||
7145
- utils$1.isBuffer(data) ||
7146
- utils$1.isStream(data) ||
7147
- utils$1.isFile(data) ||
7148
- utils$1.isBlob(data) ||
7149
- utils$1.isReadableStream(data)
7150
- ) {
7151
- return data;
7152
- }
7153
- if (utils$1.isArrayBufferView(data)) {
7154
- return data.buffer;
7155
- }
7156
- if (utils$1.isURLSearchParams(data)) {
7157
- headers.setContentType('application/x-www-form-urlencoded;charset=utf-8', false);
7158
- return data.toString();
7159
- }
7255
+ /**
7256
+ * It converts an object into a FormData object
7257
+ *
7258
+ * @param {Object<any, any>} obj - The object to convert to form data.
7259
+ * @param {string} formData - The FormData object to append to.
7260
+ * @param {Object<string, any>} options
7261
+ *
7262
+ * @returns
7263
+ */
7264
+ function toFormData(obj, formData, options) {
7265
+ if (!utils$1.isObject(obj)) {
7266
+ throw new TypeError('target must be an object');
7267
+ }
7160
7268
 
7161
- let isFileList;
7269
+ // eslint-disable-next-line no-param-reassign
7270
+ formData = formData || new (FormData)();
7162
7271
 
7163
- if (isObjectPayload) {
7164
- if (contentType.indexOf('application/x-www-form-urlencoded') > -1) {
7165
- return toURLEncodedForm(data, this.formSerializer).toString();
7166
- }
7272
+ // eslint-disable-next-line no-param-reassign
7273
+ options = utils$1.toFlatObject(
7274
+ options,
7275
+ {
7276
+ metaTokens: true,
7277
+ dots: false,
7278
+ indexes: false,
7279
+ },
7280
+ false,
7281
+ function defined(option, source) {
7282
+ // eslint-disable-next-line no-eq-null,eqeqeq
7283
+ return !utils$1.isUndefined(source[option]);
7284
+ }
7285
+ );
7167
7286
 
7168
- if (
7169
- (isFileList = utils$1.isFileList(data)) ||
7170
- contentType.indexOf('multipart/form-data') > -1
7171
- ) {
7172
- const _FormData = this.env && this.env.FormData;
7287
+ const metaTokens = options.metaTokens;
7288
+ // eslint-disable-next-line no-use-before-define
7289
+ const visitor = options.visitor || defaultVisitor;
7290
+ const dots = options.dots;
7291
+ const indexes = options.indexes;
7292
+ const _Blob = options.Blob || (typeof Blob !== 'undefined' && Blob);
7293
+ const maxDepth = options.maxDepth === undefined ? DEFAULT_FORM_DATA_MAX_DEPTH : options.maxDepth;
7294
+ const useBlob = _Blob && utils$1.isSpecCompliantForm(formData);
7295
+ const stack = [];
7173
7296
 
7174
- return toFormData(
7175
- isFileList ? { 'files[]': data } : data,
7176
- _FormData && new _FormData(),
7177
- this.formSerializer
7178
- );
7179
- }
7180
- }
7297
+ if (!utils$1.isFunction(visitor)) {
7298
+ throw new TypeError('visitor must be a function');
7299
+ }
7181
7300
 
7182
- if (isObjectPayload || hasJSONContentType) {
7183
- headers.setContentType('application/json', false);
7184
- return stringifySafely(data);
7185
- }
7301
+ function convertValue(value) {
7302
+ if (value === null) return '';
7186
7303
 
7187
- return data;
7188
- },
7189
- ],
7304
+ if (utils$1.isDate(value)) {
7305
+ return value.toISOString();
7306
+ }
7190
7307
 
7191
- transformResponse: [
7192
- function transformResponse(data) {
7193
- const transitional = this.transitional || defaults.transitional;
7194
- const forcedJSONParsing = transitional && transitional.forcedJSONParsing;
7195
- const JSONRequested = this.responseType === 'json';
7308
+ if (utils$1.isBoolean(value)) {
7309
+ return value.toString();
7310
+ }
7196
7311
 
7197
- if (utils$1.isResponse(data) || utils$1.isReadableStream(data)) {
7198
- return data;
7199
- }
7312
+ if (!useBlob && utils$1.isBlob(value)) {
7313
+ throw new AxiosError('Blob is not supported. Use a Buffer instead.');
7314
+ }
7200
7315
 
7201
- if (
7202
- data &&
7203
- utils$1.isString(data) &&
7204
- ((forcedJSONParsing && !this.responseType) || JSONRequested)
7205
- ) {
7206
- const silentJSONParsing = transitional && transitional.silentJSONParsing;
7207
- const strictJSONParsing = !silentJSONParsing && JSONRequested;
7316
+ if (utils$1.isArrayBuffer(value) || utils$1.isTypedArray(value)) {
7317
+ return useBlob && typeof Blob === 'function' ? new Blob([value]) : Buffer.from(value);
7318
+ }
7208
7319
 
7209
- try {
7210
- return JSON.parse(data, this.parseReviver);
7211
- } catch (e) {
7212
- if (strictJSONParsing) {
7213
- if (e.name === 'SyntaxError') {
7214
- throw AxiosError.from(e, AxiosError.ERR_BAD_RESPONSE, this, null, this.response);
7215
- }
7216
- throw e;
7217
- }
7218
- }
7320
+ return value;
7321
+ }
7322
+
7323
+ function throwIfMaxDepthExceeded(depth) {
7324
+ if (depth > maxDepth) {
7325
+ throw new AxiosError(
7326
+ 'Object is too deeply nested (' + depth + ' levels). Max depth: ' + maxDepth,
7327
+ AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED
7328
+ );
7329
+ }
7330
+ }
7331
+
7332
+ function stringifyWithDepthLimit(value, depth) {
7333
+ if (maxDepth === Infinity) {
7334
+ return JSON.stringify(value);
7335
+ }
7336
+
7337
+ const ancestors = [];
7338
+
7339
+ return JSON.stringify(value, function limitDepth(_key, currentValue) {
7340
+ if (!utils$1.isObject(currentValue)) {
7341
+ return currentValue;
7219
7342
  }
7220
7343
 
7221
- return data;
7222
- },
7223
- ],
7344
+ while (ancestors.length && ancestors[ancestors.length - 1] !== this) {
7345
+ ancestors.pop();
7346
+ }
7347
+
7348
+ ancestors.push(currentValue);
7349
+ throwIfMaxDepthExceeded(depth + ancestors.length - 1);
7350
+
7351
+ return currentValue;
7352
+ });
7353
+ }
7224
7354
 
7225
7355
  /**
7226
- * A timeout in milliseconds to abort a request. If set to 0 (default) a
7227
- * timeout is not created.
7356
+ * Default visitor.
7357
+ *
7358
+ * @param {*} value
7359
+ * @param {String|Number} key
7360
+ * @param {Array<String|Number>} path
7361
+ * @this {FormData}
7362
+ *
7363
+ * @returns {boolean} return true to visit the each prop of the value recursively
7228
7364
  */
7229
- timeout: 0,
7230
-
7231
- xsrfCookieName: 'XSRF-TOKEN',
7232
- xsrfHeaderName: 'X-XSRF-TOKEN',
7365
+ function defaultVisitor(value, key, path) {
7366
+ let arr = value;
7233
7367
 
7234
- maxContentLength: -1,
7235
- maxBodyLength: -1,
7368
+ if (utils$1.isReactNative(formData) && utils$1.isReactNativeBlob(value)) {
7369
+ formData.append(renderKey(path, key, dots), convertValue(value));
7370
+ return false;
7371
+ }
7236
7372
 
7237
- env: {
7238
- FormData: platform.classes.FormData,
7239
- Blob: platform.classes.Blob,
7240
- },
7373
+ if (value && !path && typeof value === 'object') {
7374
+ if (utils$1.endsWith(key, '{}')) {
7375
+ // eslint-disable-next-line no-param-reassign
7376
+ key = metaTokens ? key : key.slice(0, -2);
7377
+ // eslint-disable-next-line no-param-reassign
7378
+ value = stringifyWithDepthLimit(value, 1);
7379
+ } else if (
7380
+ (utils$1.isArray(value) && isFlatArray(value)) ||
7381
+ ((utils$1.isFileList(value) || utils$1.endsWith(key, '[]')) && (arr = utils$1.toArray(value)))
7382
+ ) {
7383
+ // eslint-disable-next-line no-param-reassign
7384
+ key = removeBrackets(key);
7241
7385
 
7242
- validateStatus: function validateStatus(status) {
7243
- return status >= 200 && status < 300;
7244
- },
7386
+ arr.forEach(function each(el, index) {
7387
+ !(utils$1.isUndefined(el) || el === null) &&
7388
+ formData.append(
7389
+ // eslint-disable-next-line no-nested-ternary
7390
+ indexes === true
7391
+ ? renderKey([key], index, dots)
7392
+ : indexes === null
7393
+ ? key
7394
+ : key + '[]',
7395
+ convertValue(el)
7396
+ );
7397
+ });
7398
+ return false;
7399
+ }
7400
+ }
7245
7401
 
7246
- headers: {
7247
- common: {
7248
- Accept: 'application/json, text/plain, */*',
7249
- 'Content-Type': undefined,
7250
- },
7251
- },
7252
- };
7402
+ if (isVisitable(value)) {
7403
+ return true;
7404
+ }
7253
7405
 
7254
- utils$1.forEach(['delete', 'get', 'head', 'post', 'put', 'patch'], (method) => {
7255
- defaults.headers[method] = {};
7256
- });
7406
+ formData.append(renderKey(path, key, dots), convertValue(value));
7257
7407
 
7258
- // RawAxiosHeaders whose duplicates are ignored by node
7259
- // c.f. https://nodejs.org/api/http.html#http_message_headers
7260
- const ignoreDuplicateOf = utils$1.toObjectSet([
7261
- 'age',
7262
- 'authorization',
7263
- 'content-length',
7264
- 'content-type',
7265
- 'etag',
7266
- 'expires',
7267
- 'from',
7268
- 'host',
7269
- 'if-modified-since',
7270
- 'if-unmodified-since',
7271
- 'last-modified',
7272
- 'location',
7273
- 'max-forwards',
7274
- 'proxy-authorization',
7275
- 'referer',
7276
- 'retry-after',
7277
- 'user-agent',
7278
- ]);
7408
+ return false;
7409
+ }
7279
7410
 
7280
- /**
7281
- * Parse headers into an object
7282
- *
7283
- * ```
7284
- * Date: Wed, 27 Aug 2014 08:58:49 GMT
7285
- * Content-Type: application/json
7286
- * Connection: keep-alive
7287
- * Transfer-Encoding: chunked
7288
- * ```
7289
- *
7290
- * @param {String} rawHeaders Headers needing to be parsed
7291
- *
7292
- * @returns {Object} Headers parsed into an object
7293
- */
7294
- var parseHeaders = (rawHeaders) => {
7295
- const parsed = {};
7296
- let key;
7297
- let val;
7298
- let i;
7411
+ const exposedHelpers = Object.assign(predicates, {
7412
+ defaultVisitor,
7413
+ convertValue,
7414
+ isVisitable,
7415
+ });
7299
7416
 
7300
- rawHeaders &&
7301
- rawHeaders.split('\n').forEach(function parser(line) {
7302
- i = line.indexOf(':');
7303
- key = line.substring(0, i).trim().toLowerCase();
7304
- val = line.substring(i + 1).trim();
7417
+ function build(value, path, depth = 0) {
7418
+ if (utils$1.isUndefined(value)) return;
7305
7419
 
7306
- if (!key || (parsed[key] && ignoreDuplicateOf[key])) {
7307
- return;
7308
- }
7420
+ throwIfMaxDepthExceeded(depth);
7309
7421
 
7310
- if (key === 'set-cookie') {
7311
- if (parsed[key]) {
7312
- parsed[key].push(val);
7313
- } else {
7314
- parsed[key] = [val];
7315
- }
7316
- } else {
7317
- parsed[key] = parsed[key] ? parsed[key] + ', ' + val : val;
7318
- }
7319
- });
7422
+ if (stack.indexOf(value) !== -1) {
7423
+ throw new Error('Circular reference detected in ' + path.join('.'));
7424
+ }
7320
7425
 
7321
- return parsed;
7322
- };
7426
+ stack.push(value);
7323
7427
 
7324
- const $internals = Symbol('internals');
7428
+ utils$1.forEach(value, function each(el, key) {
7429
+ const result =
7430
+ !(utils$1.isUndefined(el) || el === null) &&
7431
+ visitor.call(formData, el, utils$1.isString(key) ? key.trim() : key, path, exposedHelpers);
7325
7432
 
7326
- const isValidHeaderValue = (value) => !/[\r\n]/.test(value);
7433
+ if (result === true) {
7434
+ build(el, path ? path.concat(key) : [key], depth + 1);
7435
+ }
7436
+ });
7327
7437
 
7328
- function assertValidHeaderValue(value, header) {
7329
- if (value === false || value == null) {
7330
- return;
7438
+ stack.pop();
7331
7439
  }
7332
7440
 
7333
- if (utils$1.isArray(value)) {
7334
- value.forEach((v) => assertValidHeaderValue(v, header));
7335
- return;
7441
+ if (!utils$1.isObject(obj)) {
7442
+ throw new TypeError('data must be an object');
7336
7443
  }
7337
7444
 
7338
- if (!isValidHeaderValue(String(value))) {
7339
- throw new Error(`Invalid character in header content ["${header}"]`);
7340
- }
7445
+ build(obj);
7446
+
7447
+ return formData;
7341
7448
  }
7342
7449
 
7343
- function normalizeHeader(header) {
7344
- return header && String(header).trim().toLowerCase();
7450
+ /**
7451
+ * It encodes a string by replacing all characters that are not in the unreserved set with
7452
+ * their percent-encoded equivalents
7453
+ *
7454
+ * @param {string} str - The string to encode.
7455
+ *
7456
+ * @returns {string} The encoded string.
7457
+ */
7458
+ function encode$1(str) {
7459
+ const charMap = {
7460
+ '!': '%21',
7461
+ "'": '%27',
7462
+ '(': '%28',
7463
+ ')': '%29',
7464
+ '~': '%7E',
7465
+ '%20': '+',
7466
+ };
7467
+ return encodeURIComponent(str).replace(/[!'()~]|%20/g, function replacer(match) {
7468
+ return charMap[match];
7469
+ });
7345
7470
  }
7346
7471
 
7347
- function stripTrailingCRLF(str) {
7348
- let end = str.length;
7472
+ /**
7473
+ * It takes a params object and converts it to a FormData object
7474
+ *
7475
+ * @param {Object<string, any>} params - The parameters to be converted to a FormData object.
7476
+ * @param {Object<string, any>} options - The options object passed to the Axios constructor.
7477
+ *
7478
+ * @returns {void}
7479
+ */
7480
+ function AxiosURLSearchParams(params, options) {
7481
+ this._pairs = [];
7349
7482
 
7350
- while (end > 0) {
7351
- const charCode = str.charCodeAt(end - 1);
7483
+ params && toFormData(params, this, options);
7484
+ }
7352
7485
 
7353
- if (charCode !== 10 && charCode !== 13) {
7354
- break;
7355
- }
7486
+ const prototype = AxiosURLSearchParams.prototype;
7356
7487
 
7357
- end -= 1;
7358
- }
7488
+ prototype.append = function append(name, value) {
7489
+ this._pairs.push([name, value]);
7490
+ };
7491
+
7492
+ prototype.toString = function toString(encoder) {
7493
+ const _encode = encoder
7494
+ ? function (value) {
7495
+ return encoder.call(this, value, encode$1);
7496
+ }
7497
+ : encode$1;
7498
+
7499
+ return this._pairs
7500
+ .map(function each(pair) {
7501
+ return _encode(pair[0]) + '=' + _encode(pair[1]);
7502
+ }, '')
7503
+ .join('&');
7504
+ };
7359
7505
 
7360
- return end === str.length ? str : str.slice(0, end);
7506
+ /**
7507
+ * It replaces URL-encoded forms of `:`, `$`, `,`, and spaces with
7508
+ * their plain counterparts (`:`, `$`, `,`, `+`).
7509
+ *
7510
+ * @param {string} val The value to be encoded.
7511
+ *
7512
+ * @returns {string} The encoded value.
7513
+ */
7514
+ function encode(val) {
7515
+ return encodeURIComponent(val)
7516
+ .replace(/%3A/gi, ':')
7517
+ .replace(/%24/g, '$')
7518
+ .replace(/%2C/gi, ',')
7519
+ .replace(/%20/g, '+');
7361
7520
  }
7362
7521
 
7363
- function normalizeValue(value) {
7364
- if (value === false || value == null) {
7365
- return value;
7522
+ /**
7523
+ * Build a URL by appending params to the end
7524
+ *
7525
+ * @param {string} url The base of the url (e.g., http://www.google.com)
7526
+ * @param {object} [params] The params to be appended
7527
+ * @param {?(object|Function)} options
7528
+ *
7529
+ * @returns {string} The formatted url
7530
+ */
7531
+ function buildURL(url, params, options) {
7532
+ if (!params) {
7533
+ return url;
7366
7534
  }
7367
7535
 
7368
- return utils$1.isArray(value) ? value.map(normalizeValue) : stripTrailingCRLF(String(value));
7369
- }
7536
+ const _options = utils$1.isFunction(options)
7537
+ ? {
7538
+ serialize: options,
7539
+ }
7540
+ : options;
7370
7541
 
7371
- function parseTokens(str) {
7372
- const tokens = Object.create(null);
7373
- const tokensRE = /([^\s,;=]+)\s*(?:=\s*([^,;]+))?/g;
7374
- let match;
7542
+ // Read serializer options pollution-safely: own properties and methods on a
7543
+ // class/template prototype are honored, but values injected onto a polluted
7544
+ // Object.prototype are ignored.
7545
+ const _encode = utils$1.getSafeProp(_options, 'encode') || encode;
7546
+ const serializeFn = utils$1.getSafeProp(_options, 'serialize');
7375
7547
 
7376
- while ((match = tokensRE.exec(str))) {
7377
- tokens[match[1]] = match[2];
7548
+ let serializedParams;
7549
+
7550
+ if (serializeFn) {
7551
+ serializedParams = serializeFn(params, _options);
7552
+ } else {
7553
+ serializedParams = utils$1.isURLSearchParams(params)
7554
+ ? params.toString()
7555
+ : new AxiosURLSearchParams(params, _options).toString(_encode);
7378
7556
  }
7379
7557
 
7380
- return tokens;
7381
- }
7558
+ if (serializedParams) {
7559
+ const hashmarkIndex = url.indexOf('#');
7382
7560
 
7383
- const isValidHeaderName = (str) => /^[-_a-zA-Z0-9^`|~,!#$%&'*+.]+$/.test(str.trim());
7561
+ if (hashmarkIndex !== -1) {
7562
+ url = url.slice(0, hashmarkIndex);
7563
+ }
7564
+ url += (url.indexOf('?') === -1 ? '?' : '&') + serializedParams;
7565
+ }
7384
7566
 
7385
- function matchHeaderValue(context, value, header, filter, isHeaderNameFilter) {
7386
- if (utils$1.isFunction(filter)) {
7387
- return filter.call(this, value, header);
7567
+ return url;
7568
+ }
7569
+
7570
+ class InterceptorManager {
7571
+ constructor() {
7572
+ this.handlers = [];
7388
7573
  }
7389
7574
 
7390
- if (isHeaderNameFilter) {
7391
- value = header;
7575
+ /**
7576
+ * Add a new interceptor to the stack
7577
+ *
7578
+ * @param {Function} fulfilled The function to handle `then` for a `Promise`
7579
+ * @param {Function} rejected The function to handle `reject` for a `Promise`
7580
+ * @param {Object} options The options for the interceptor, synchronous and runWhen
7581
+ *
7582
+ * @return {Number} An ID used to remove interceptor later
7583
+ */
7584
+ use(fulfilled, rejected, options) {
7585
+ this.handlers.push({
7586
+ fulfilled,
7587
+ rejected,
7588
+ synchronous: options ? options.synchronous : false,
7589
+ runWhen: options ? options.runWhen : null,
7590
+ });
7591
+ return this.handlers.length - 1;
7392
7592
  }
7393
7593
 
7394
- if (!utils$1.isString(value)) return;
7395
-
7396
- if (utils$1.isString(filter)) {
7397
- return value.indexOf(filter) !== -1;
7594
+ /**
7595
+ * Remove an interceptor from the stack
7596
+ *
7597
+ * @param {Number} id The ID that was returned by `use`
7598
+ *
7599
+ * @returns {void}
7600
+ */
7601
+ eject(id) {
7602
+ if (this.handlers[id]) {
7603
+ this.handlers[id] = null;
7604
+ }
7398
7605
  }
7399
7606
 
7400
- if (utils$1.isRegExp(filter)) {
7401
- return filter.test(value);
7607
+ /**
7608
+ * Clear all interceptors from the stack
7609
+ *
7610
+ * @returns {void}
7611
+ */
7612
+ clear() {
7613
+ if (this.handlers) {
7614
+ this.handlers = [];
7615
+ }
7402
7616
  }
7403
- }
7404
-
7405
- function formatHeader(header) {
7406
- return header
7407
- .trim()
7408
- .toLowerCase()
7409
- .replace(/([a-z\d])(\w*)/g, (w, char, str) => {
7410
- return char.toUpperCase() + str;
7411
- });
7412
- }
7413
-
7414
- function buildAccessors(obj, header) {
7415
- const accessorName = utils$1.toCamelCase(' ' + header);
7416
7617
 
7417
- ['get', 'set', 'has'].forEach((methodName) => {
7418
- Object.defineProperty(obj, methodName + accessorName, {
7419
- value: function (arg1, arg2, arg3) {
7420
- return this[methodName].call(this, header, arg1, arg2, arg3);
7421
- },
7422
- configurable: true,
7618
+ /**
7619
+ * Iterate over all the registered interceptors
7620
+ *
7621
+ * This method is particularly useful for skipping over any
7622
+ * interceptors that may have become `null` calling `eject`.
7623
+ *
7624
+ * @param {Function} fn The function to call for each interceptor
7625
+ *
7626
+ * @returns {void}
7627
+ */
7628
+ forEach(fn) {
7629
+ utils$1.forEach(this.handlers, function forEachHandler(h) {
7630
+ if (h !== null) {
7631
+ fn(h);
7632
+ }
7423
7633
  });
7424
- });
7425
- }
7426
-
7427
- class AxiosHeaders {
7428
- constructor(headers) {
7429
- headers && this.set(headers);
7430
7634
  }
7635
+ }
7431
7636
 
7432
- set(header, valueOrRewrite, rewrite) {
7433
- const self = this;
7637
+ var transitionalDefaults = {
7638
+ silentJSONParsing: true,
7639
+ forcedJSONParsing: true,
7640
+ clarifyTimeoutError: false,
7641
+ legacyInterceptorReqResOrdering: true,
7642
+ advertiseZstdAcceptEncoding: false,
7643
+ validateStatusUndefinedResolves: true,
7644
+ };
7434
7645
 
7435
- function setHeader(_value, _header, _rewrite) {
7436
- const lHeader = normalizeHeader(_header);
7646
+ var URLSearchParams$1 = typeof URLSearchParams !== 'undefined' ? URLSearchParams : AxiosURLSearchParams;
7437
7647
 
7438
- if (!lHeader) {
7439
- throw new Error('header name must be a non-empty string');
7440
- }
7648
+ var FormData$1 = typeof FormData !== 'undefined' ? FormData : null;
7441
7649
 
7442
- const key = utils$1.findKey(self, lHeader);
7650
+ var Blob$1 = typeof Blob !== 'undefined' ? Blob : null;
7443
7651
 
7444
- if (
7445
- !key ||
7446
- self[key] === undefined ||
7447
- _rewrite === true ||
7448
- (_rewrite === undefined && self[key] !== false)
7449
- ) {
7450
- assertValidHeaderValue(_value, _header);
7451
- self[key || _header] = normalizeValue(_value);
7452
- }
7453
- }
7652
+ var platform$1 = {
7653
+ isBrowser: true,
7654
+ classes: {
7655
+ URLSearchParams: URLSearchParams$1,
7656
+ FormData: FormData$1,
7657
+ Blob: Blob$1,
7658
+ },
7659
+ protocols: ['http', 'https', 'file', 'blob', 'url', 'data'],
7660
+ };
7454
7661
 
7455
- const setHeaders = (headers, _rewrite) =>
7456
- utils$1.forEach(headers, (_value, _header) => setHeader(_value, _header, _rewrite));
7662
+ const hasBrowserEnv = typeof window !== 'undefined' && typeof document !== 'undefined';
7457
7663
 
7458
- if (utils$1.isPlainObject(header) || header instanceof this.constructor) {
7459
- setHeaders(header, valueOrRewrite);
7460
- } else if (utils$1.isString(header) && (header = header.trim()) && !isValidHeaderName(header)) {
7461
- setHeaders(parseHeaders(header), valueOrRewrite);
7462
- } else if (utils$1.isObject(header) && utils$1.isIterable(header)) {
7463
- let obj = {},
7464
- dest,
7465
- key;
7466
- for (const entry of header) {
7467
- if (!utils$1.isArray(entry)) {
7468
- throw TypeError('Object iterator must return a key-value pair');
7469
- }
7664
+ const _navigator = (typeof navigator === 'object' && navigator) || undefined;
7470
7665
 
7471
- obj[(key = entry[0])] = (dest = obj[key])
7472
- ? utils$1.isArray(dest)
7473
- ? [...dest, entry[1]]
7474
- : [dest, entry[1]]
7475
- : entry[1];
7476
- }
7666
+ /**
7667
+ * Determine if we're running in a standard browser environment
7668
+ *
7669
+ * This allows axios to run in a web worker, and react-native.
7670
+ * Both environments support XMLHttpRequest, but not fully standard globals.
7671
+ *
7672
+ * web workers:
7673
+ * typeof window -> undefined
7674
+ * typeof document -> undefined
7675
+ *
7676
+ * react-native:
7677
+ * navigator.product -> 'ReactNative'
7678
+ * nativescript
7679
+ * navigator.product -> 'NativeScript' or 'NS'
7680
+ *
7681
+ * @returns {boolean}
7682
+ */
7683
+ const hasStandardBrowserEnv =
7684
+ hasBrowserEnv &&
7685
+ (!_navigator || ['ReactNative', 'NativeScript', 'NS'].indexOf(_navigator.product) < 0);
7477
7686
 
7478
- setHeaders(obj, valueOrRewrite);
7479
- } else {
7480
- header != null && setHeader(valueOrRewrite, header, rewrite);
7481
- }
7687
+ /**
7688
+ * Determine if we're running in a standard browser webWorker environment
7689
+ *
7690
+ * Although the `isStandardBrowserEnv` method indicates that
7691
+ * `allows axios to run in a web worker`, the WebWorker will still be
7692
+ * filtered out due to its judgment standard
7693
+ * `typeof window !== 'undefined' && typeof document !== 'undefined'`.
7694
+ * This leads to a problem when axios post `FormData` in webWorker
7695
+ */
7696
+ const hasStandardBrowserWebWorkerEnv = (() => {
7697
+ return (
7698
+ typeof WorkerGlobalScope !== 'undefined' &&
7699
+ // eslint-disable-next-line no-undef
7700
+ self instanceof WorkerGlobalScope &&
7701
+ typeof self.importScripts === 'function'
7702
+ );
7703
+ })();
7482
7704
 
7483
- return this;
7484
- }
7705
+ const origin = (hasBrowserEnv && window.location.href) || 'http://localhost';
7485
7706
 
7486
- get(header, parser) {
7487
- header = normalizeHeader(header);
7707
+ var utils = /*#__PURE__*/Object.freeze({
7708
+ __proto__: null,
7709
+ hasBrowserEnv: hasBrowserEnv,
7710
+ hasStandardBrowserEnv: hasStandardBrowserEnv,
7711
+ hasStandardBrowserWebWorkerEnv: hasStandardBrowserWebWorkerEnv,
7712
+ navigator: _navigator,
7713
+ origin: origin
7714
+ });
7488
7715
 
7489
- if (header) {
7490
- const key = utils$1.findKey(this, header);
7716
+ var platform = {
7717
+ ...utils,
7718
+ ...platform$1,
7719
+ };
7491
7720
 
7492
- if (key) {
7493
- const value = this[key];
7721
+ function toURLEncodedForm(data, options) {
7722
+ return toFormData(data, new platform.classes.URLSearchParams(), {
7723
+ visitor: function (value, key, path, helpers) {
7724
+ if (platform.isNode && utils$1.isBuffer(value)) {
7725
+ this.append(key, value.toString('base64'));
7726
+ return false;
7727
+ }
7494
7728
 
7495
- if (!parser) {
7496
- return value;
7497
- }
7729
+ return helpers.defaultVisitor.apply(this, arguments);
7730
+ },
7731
+ ...options,
7732
+ });
7733
+ }
7498
7734
 
7499
- if (parser === true) {
7500
- return parseTokens(value);
7501
- }
7735
+ const MAX_DEPTH = DEFAULT_FORM_DATA_MAX_DEPTH;
7502
7736
 
7503
- if (utils$1.isFunction(parser)) {
7504
- return parser.call(this, value, key);
7505
- }
7737
+ function throwIfDepthExceeded(index) {
7738
+ if (index > MAX_DEPTH) {
7739
+ throw new AxiosError(
7740
+ 'FormData field is too deeply nested (' + index + ' levels). Max depth: ' + MAX_DEPTH,
7741
+ AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED
7742
+ );
7743
+ }
7744
+ }
7506
7745
 
7507
- if (utils$1.isRegExp(parser)) {
7508
- return parser.exec(value);
7509
- }
7746
+ /**
7747
+ * It takes a string like `foo[x][y][z]` and returns an array like `['foo', 'x', 'y', 'z']
7748
+ *
7749
+ * @param {string} name - The name of the property to get.
7750
+ *
7751
+ * @returns An array of strings.
7752
+ */
7753
+ function parsePropPath(name) {
7754
+ // foo[x][y][z]
7755
+ // foo.x.y.z
7756
+ // foo-x-y-z
7757
+ // foo x y z
7758
+ const path = [];
7759
+ const pattern = /\w+|\[(\w*)]/g;
7760
+ let match;
7510
7761
 
7511
- throw new TypeError('parser must be boolean|regexp|function');
7512
- }
7513
- }
7762
+ while ((match = pattern.exec(name)) !== null) {
7763
+ throwIfDepthExceeded(path.length);
7764
+ path.push(match[0] === '[]' ? '' : match[1] || match[0]);
7514
7765
  }
7515
7766
 
7516
- has(header, matcher) {
7517
- header = normalizeHeader(header);
7767
+ return path;
7768
+ }
7518
7769
 
7519
- if (header) {
7520
- const key = utils$1.findKey(this, header);
7770
+ /**
7771
+ * Convert an array to an object.
7772
+ *
7773
+ * @param {Array<any>} arr - The array to convert to an object.
7774
+ *
7775
+ * @returns An object with the same keys and values as the array.
7776
+ */
7777
+ function arrayToObject(arr) {
7778
+ const obj = {};
7779
+ const keys = Object.keys(arr);
7780
+ let i;
7781
+ const len = keys.length;
7782
+ let key;
7783
+ for (i = 0; i < len; i++) {
7784
+ key = keys[i];
7785
+ obj[key] = arr[key];
7786
+ }
7787
+ return obj;
7788
+ }
7521
7789
 
7522
- return !!(
7523
- key &&
7524
- this[key] !== undefined &&
7525
- (!matcher || matchHeaderValue(this, this[key], key, matcher))
7526
- );
7527
- }
7790
+ /**
7791
+ * It takes a FormData object and returns a JavaScript object
7792
+ *
7793
+ * @param {string} formData The FormData object to convert to JSON.
7794
+ *
7795
+ * @returns {Object<string, any> | null} The converted object.
7796
+ */
7797
+ function formDataToJSON(formData) {
7798
+ function buildPath(path, value, target, index) {
7799
+ throwIfDepthExceeded(index);
7528
7800
 
7529
- return false;
7530
- }
7801
+ let name = path[index++];
7531
7802
 
7532
- delete(header, matcher) {
7533
- const self = this;
7534
- let deleted = false;
7803
+ if (name === '__proto__') return true;
7535
7804
 
7536
- function deleteHeader(_header) {
7537
- _header = normalizeHeader(_header);
7805
+ const isNumericKey = Number.isFinite(+name);
7806
+ const isLast = index >= path.length;
7807
+ name = !name && utils$1.isArray(target) ? target.length : name;
7538
7808
 
7539
- if (_header) {
7540
- const key = utils$1.findKey(self, _header);
7809
+ if (isLast) {
7810
+ if (utils$1.hasOwnProp(target, name)) {
7811
+ target[name] = utils$1.isArray(target[name])
7812
+ ? target[name].concat(value)
7813
+ : [target[name], value];
7814
+ } else {
7815
+ target[name] = value;
7816
+ }
7541
7817
 
7542
- if (key && (!matcher || matchHeaderValue(self, self[key], key, matcher))) {
7543
- delete self[key];
7818
+ return !isNumericKey;
7819
+ }
7544
7820
 
7545
- deleted = true;
7546
- }
7547
- }
7821
+ if (!utils$1.hasOwnProp(target, name) || !utils$1.isObject(target[name])) {
7822
+ target[name] = [];
7548
7823
  }
7549
7824
 
7550
- if (utils$1.isArray(header)) {
7551
- header.forEach(deleteHeader);
7552
- } else {
7553
- deleteHeader(header);
7825
+ const result = buildPath(path, value, target[name], index);
7826
+
7827
+ if (result && utils$1.isArray(target[name])) {
7828
+ target[name] = arrayToObject(target[name]);
7554
7829
  }
7555
7830
 
7556
- return deleted;
7831
+ return !isNumericKey;
7557
7832
  }
7558
7833
 
7559
- clear(matcher) {
7560
- const keys = Object.keys(this);
7561
- let i = keys.length;
7562
- let deleted = false;
7834
+ if (utils$1.isFormData(formData) && utils$1.isFunction(formData.entries)) {
7835
+ const obj = {};
7563
7836
 
7564
- while (i--) {
7565
- const key = keys[i];
7566
- if (!matcher || matchHeaderValue(this, this[key], key, matcher, true)) {
7567
- delete this[key];
7568
- deleted = true;
7569
- }
7570
- }
7837
+ utils$1.forEachEntry(formData, (name, value) => {
7838
+ buildPath(parsePropPath(name), value, obj, 0);
7839
+ });
7571
7840
 
7572
- return deleted;
7841
+ return obj;
7573
7842
  }
7574
7843
 
7575
- normalize(format) {
7576
- const self = this;
7577
- const headers = {};
7844
+ return null;
7845
+ }
7578
7846
 
7579
- utils$1.forEach(this, (value, header) => {
7580
- const key = utils$1.findKey(headers, header);
7847
+ const own = (obj, key) => (obj != null && utils$1.hasOwnProp(obj, key) ? obj[key] : undefined);
7581
7848
 
7582
- if (key) {
7583
- self[key] = normalizeValue(value);
7584
- delete self[header];
7585
- return;
7849
+ /**
7850
+ * It takes a string, tries to parse it, and if it fails, it returns the stringified version
7851
+ * of the input
7852
+ *
7853
+ * @param {any} rawValue - The value to be stringified.
7854
+ * @param {Function} parser - A function that parses a string into a JavaScript object.
7855
+ * @param {Function} encoder - A function that takes a value and returns a string.
7856
+ *
7857
+ * @returns {string} A stringified version of the rawValue.
7858
+ */
7859
+ function stringifySafely(rawValue, parser, encoder) {
7860
+ if (utils$1.isString(rawValue)) {
7861
+ try {
7862
+ (parser || JSON.parse)(rawValue);
7863
+ return utils$1.trim(rawValue);
7864
+ } catch (e) {
7865
+ if (e.name !== 'SyntaxError') {
7866
+ throw e;
7586
7867
  }
7868
+ }
7869
+ }
7587
7870
 
7588
- const normalized = format ? formatHeader(header) : String(header).trim();
7871
+ return (encoder || JSON.stringify)(rawValue);
7872
+ }
7589
7873
 
7590
- if (normalized !== header) {
7591
- delete self[header];
7592
- }
7874
+ const defaults = {
7875
+ transitional: transitionalDefaults,
7593
7876
 
7594
- self[normalized] = normalizeValue(value);
7877
+ adapter: ['xhr', 'http', 'fetch'],
7595
7878
 
7596
- headers[normalized] = true;
7597
- });
7879
+ transformRequest: [
7880
+ function transformRequest(data, headers) {
7881
+ const contentType = headers.getContentType() || '';
7882
+ const hasJSONContentType = contentType.indexOf('application/json') > -1;
7883
+ const isObjectPayload = utils$1.isObject(data);
7598
7884
 
7599
- return this;
7600
- }
7885
+ if (isObjectPayload && utils$1.isHTMLForm(data)) {
7886
+ data = new FormData(data);
7887
+ }
7601
7888
 
7602
- concat(...targets) {
7603
- return this.constructor.concat(this, ...targets);
7604
- }
7889
+ const isFormData = utils$1.isFormData(data);
7605
7890
 
7606
- toJSON(asStrings) {
7607
- const obj = Object.create(null);
7891
+ if (isFormData) {
7892
+ return hasJSONContentType ? JSON.stringify(formDataToJSON(data)) : data;
7893
+ }
7608
7894
 
7609
- utils$1.forEach(this, (value, header) => {
7610
- value != null &&
7611
- value !== false &&
7612
- (obj[header] = asStrings && utils$1.isArray(value) ? value.join(', ') : value);
7613
- });
7895
+ if (
7896
+ utils$1.isArrayBuffer(data) ||
7897
+ utils$1.isBuffer(data) ||
7898
+ utils$1.isStream(data) ||
7899
+ utils$1.isFile(data) ||
7900
+ utils$1.isBlob(data) ||
7901
+ utils$1.isReadableStream(data)
7902
+ ) {
7903
+ return data;
7904
+ }
7905
+ if (utils$1.isArrayBufferView(data)) {
7906
+ return data.buffer;
7907
+ }
7908
+ if (utils$1.isURLSearchParams(data)) {
7909
+ headers.setContentType('application/x-www-form-urlencoded;charset=utf-8', false);
7910
+ return data.toString();
7911
+ }
7614
7912
 
7615
- return obj;
7616
- }
7913
+ let isFileList;
7617
7914
 
7618
- [Symbol.iterator]() {
7619
- return Object.entries(this.toJSON())[Symbol.iterator]();
7620
- }
7915
+ if (isObjectPayload) {
7916
+ const formSerializer = own(this, 'formSerializer');
7917
+ if (contentType.indexOf('application/x-www-form-urlencoded') > -1) {
7918
+ return toURLEncodedForm(data, formSerializer).toString();
7919
+ }
7621
7920
 
7622
- toString() {
7623
- return Object.entries(this.toJSON())
7624
- .map(([header, value]) => header + ': ' + value)
7625
- .join('\n');
7626
- }
7921
+ if (
7922
+ (isFileList = utils$1.isFileList(data)) ||
7923
+ contentType.indexOf('multipart/form-data') > -1
7924
+ ) {
7925
+ const env = own(this, 'env');
7926
+ const _FormData = env && env.FormData;
7627
7927
 
7628
- getSetCookie() {
7629
- return this.get('set-cookie') || [];
7630
- }
7928
+ return toFormData(
7929
+ isFileList ? { 'files[]': data } : data,
7930
+ _FormData && new _FormData(),
7931
+ formSerializer
7932
+ );
7933
+ }
7934
+ }
7631
7935
 
7632
- get [Symbol.toStringTag]() {
7633
- return 'AxiosHeaders';
7634
- }
7936
+ if (isObjectPayload || hasJSONContentType) {
7937
+ headers.setContentType('application/json', false);
7938
+ return stringifySafely(data);
7939
+ }
7635
7940
 
7636
- static from(thing) {
7637
- return thing instanceof this ? thing : new this(thing);
7638
- }
7941
+ return data;
7942
+ },
7943
+ ],
7639
7944
 
7640
- static concat(first, ...targets) {
7641
- const computed = new this(first);
7945
+ transformResponse: [
7946
+ function transformResponse(data) {
7947
+ const transitional = own(this, 'transitional') || defaults.transitional;
7948
+ const forcedJSONParsing = transitional && transitional.forcedJSONParsing;
7949
+ const responseType = own(this, 'responseType');
7950
+ const JSONRequested = responseType === 'json';
7642
7951
 
7643
- targets.forEach((target) => computed.set(target));
7952
+ if (utils$1.isResponse(data) || utils$1.isReadableStream(data)) {
7953
+ return data;
7954
+ }
7644
7955
 
7645
- return computed;
7646
- }
7956
+ if (
7957
+ data &&
7958
+ utils$1.isString(data) &&
7959
+ ((forcedJSONParsing && !responseType) || JSONRequested)
7960
+ ) {
7961
+ const silentJSONParsing = transitional && transitional.silentJSONParsing;
7962
+ const strictJSONParsing = !silentJSONParsing && JSONRequested;
7647
7963
 
7648
- static accessor(header) {
7649
- const internals =
7650
- (this[$internals] =
7651
- this[$internals] =
7652
- {
7653
- accessors: {},
7654
- });
7964
+ try {
7965
+ return JSON.parse(data, own(this, 'parseReviver'));
7966
+ } catch (e) {
7967
+ if (strictJSONParsing) {
7968
+ if (e.name === 'SyntaxError') {
7969
+ throw AxiosError.from(e, AxiosError.ERR_BAD_RESPONSE, this, null, own(this, 'response'));
7970
+ }
7971
+ throw e;
7972
+ }
7973
+ }
7974
+ }
7655
7975
 
7656
- const accessors = internals.accessors;
7657
- const prototype = this.prototype;
7976
+ return data;
7977
+ },
7978
+ ],
7658
7979
 
7659
- function defineAccessor(_header) {
7660
- const lHeader = normalizeHeader(_header);
7980
+ /**
7981
+ * A timeout in milliseconds to abort a request. If set to 0 (default) a
7982
+ * timeout is not created.
7983
+ */
7984
+ timeout: 0,
7661
7985
 
7662
- if (!accessors[lHeader]) {
7663
- buildAccessors(prototype, _header);
7664
- accessors[lHeader] = true;
7665
- }
7666
- }
7986
+ xsrfCookieName: 'XSRF-TOKEN',
7987
+ xsrfHeaderName: 'X-XSRF-TOKEN',
7667
7988
 
7668
- utils$1.isArray(header) ? header.forEach(defineAccessor) : defineAccessor(header);
7989
+ maxContentLength: -1,
7990
+ maxBodyLength: -1,
7669
7991
 
7670
- return this;
7671
- }
7672
- }
7992
+ env: {
7993
+ FormData: platform.classes.FormData,
7994
+ Blob: platform.classes.Blob,
7995
+ },
7673
7996
 
7674
- AxiosHeaders.accessor([
7675
- 'Content-Type',
7676
- 'Content-Length',
7677
- 'Accept',
7678
- 'Accept-Encoding',
7679
- 'User-Agent',
7680
- 'Authorization',
7681
- ]);
7997
+ validateStatus: function validateStatus(status) {
7998
+ return status >= 200 && status < 300;
7999
+ },
7682
8000
 
7683
- // reserved names hotfix
7684
- utils$1.reduceDescriptors(AxiosHeaders.prototype, ({ value }, key) => {
7685
- let mapped = key[0].toUpperCase() + key.slice(1); // map `set` => `Set`
7686
- return {
7687
- get: () => value,
7688
- set(headerValue) {
7689
- this[mapped] = headerValue;
8001
+ headers: {
8002
+ common: {
8003
+ Accept: 'application/json, text/plain, */*',
8004
+ 'Content-Type': undefined,
7690
8005
  },
7691
- };
7692
- });
8006
+ },
8007
+ };
7693
8008
 
7694
- utils$1.freezeMethods(AxiosHeaders);
8009
+ utils$1.forEach(['delete', 'get', 'head', 'post', 'put', 'patch', 'query'], (method) => {
8010
+ defaults.headers[method] = {};
8011
+ });
7695
8012
 
7696
8013
  /**
7697
8014
  * Transform the data for a request or a response
@@ -7751,22 +8068,18 @@ var contentfulManagement = (function (exports) {
7751
8068
  if (!response.status || !validateStatus || validateStatus(response.status)) {
7752
8069
  resolve(response);
7753
8070
  } else {
7754
- reject(
7755
- new AxiosError(
7756
- 'Request failed with status code ' + response.status,
7757
- [AxiosError.ERR_BAD_REQUEST, AxiosError.ERR_BAD_RESPONSE][
7758
- Math.floor(response.status / 100) - 4
7759
- ],
7760
- response.config,
7761
- response.request,
7762
- response
7763
- )
7764
- );
8071
+ reject(new AxiosError(
8072
+ 'Request failed with status code ' + response.status,
8073
+ response.status >= 400 && response.status < 500 ? AxiosError.ERR_BAD_REQUEST : AxiosError.ERR_BAD_RESPONSE,
8074
+ response.config,
8075
+ response.request,
8076
+ response
8077
+ ));
7765
8078
  }
7766
8079
  }
7767
8080
 
7768
8081
  function parseProtocol(url) {
7769
- const match = /^([-+\w]{1,25})(:?\/\/|:)/.exec(url);
8082
+ const match = /^([-+\w]{1,25}):(?:\/\/)?/.exec(url);
7770
8083
  return (match && match[1]) || '';
7771
8084
  }
7772
8085
 
@@ -7870,13 +8183,16 @@ var contentfulManagement = (function (exports) {
7870
8183
  const _speedometer = speedometer(50, 250);
7871
8184
 
7872
8185
  return throttle((e) => {
7873
- const loaded = e.loaded;
8186
+ if (!e || typeof e.loaded !== 'number') {
8187
+ return;
8188
+ }
8189
+ const rawLoaded = e.loaded;
7874
8190
  const total = e.lengthComputable ? e.total : undefined;
7875
- const progressBytes = loaded - bytesNotified;
8191
+ const loaded = total != null ? Math.min(rawLoaded, total) : rawLoaded;
8192
+ const progressBytes = Math.max(0, loaded - bytesNotified);
7876
8193
  const rate = _speedometer(progressBytes);
7877
- const inRange = loaded <= total;
7878
8194
 
7879
- bytesNotified = loaded;
8195
+ bytesNotified = Math.max(bytesNotified, loaded);
7880
8196
 
7881
8197
  const data = {
7882
8198
  loaded,
@@ -7884,7 +8200,7 @@ var contentfulManagement = (function (exports) {
7884
8200
  progress: total ? loaded / total : undefined,
7885
8201
  bytes: progressBytes,
7886
8202
  rate: rate ? rate : undefined,
7887
- estimated: rate && total && inRange ? (total - loaded) / rate : undefined,
8203
+ estimated: rate && total ? (total - loaded) / rate : undefined,
7888
8204
  event: e,
7889
8205
  lengthComputable: total != null,
7890
8206
  [isDownloadStream ? 'download' : 'upload']: true,
@@ -7957,8 +8273,20 @@ var contentfulManagement = (function (exports) {
7957
8273
 
7958
8274
  read(name) {
7959
8275
  if (typeof document === 'undefined') return null;
7960
- const match = document.cookie.match(new RegExp('(?:^|; )' + name + '=([^;]*)'));
7961
- return match ? decodeURIComponent(match[1]) : null;
8276
+ // Match name=value by splitting on the semicolon separator instead of building a
8277
+ // RegExp from `name` interpolating an unescaped string into a RegExp would let
8278
+ // metacharacters (e.g. `.+?` in an attacker-influenced cookie name) cause ReDoS or
8279
+ // match the wrong cookie. Browsers may serialize cookie pairs as either ";" or
8280
+ // "; ", so ignore optional whitespace before each cookie name.
8281
+ const cookies = document.cookie.split(';');
8282
+ for (let i = 0; i < cookies.length; i++) {
8283
+ const cookie = cookies[i].replace(/^\s+/, '');
8284
+ const eq = cookie.indexOf('=');
8285
+ if (eq !== -1 && cookie.slice(0, eq) === name) {
8286
+ return decodeURIComponent(cookie.slice(eq + 1));
8287
+ }
8288
+ }
8289
+ return null;
7962
8290
  },
7963
8291
 
7964
8292
  remove(name) {
@@ -8006,6 +8334,31 @@ var contentfulManagement = (function (exports) {
8006
8334
  : baseURL;
8007
8335
  }
8008
8336
 
8337
+ const malformedHttpProtocol = /^https?:(?!\/\/)/i;
8338
+ const httpProtocolControlCharacters = /[\t\n\r]/g;
8339
+
8340
+ function stripLeadingC0ControlOrSpace(url) {
8341
+ let i = 0;
8342
+ while (i < url.length && url.charCodeAt(i) <= 0x20) {
8343
+ i++;
8344
+ }
8345
+ return url.slice(i);
8346
+ }
8347
+
8348
+ function normalizeURLForProtocolCheck(url) {
8349
+ return stripLeadingC0ControlOrSpace(url).replace(httpProtocolControlCharacters, '');
8350
+ }
8351
+
8352
+ function assertValidHttpProtocolURL(url, config) {
8353
+ if (typeof url === 'string' && malformedHttpProtocol.test(normalizeURLForProtocolCheck(url))) {
8354
+ throw new AxiosError(
8355
+ 'Invalid URL: missing "//" after protocol',
8356
+ AxiosError.ERR_INVALID_URL,
8357
+ config
8358
+ );
8359
+ }
8360
+ }
8361
+
8009
8362
  /**
8010
8363
  * Creates a new URL by combining the baseURL with the requestedURL,
8011
8364
  * only when the requestedURL is not already an absolute URL.
@@ -8016,9 +8369,11 @@ var contentfulManagement = (function (exports) {
8016
8369
  *
8017
8370
  * @returns {string} The combined full path
8018
8371
  */
8019
- function buildFullPath(baseURL, requestedURL, allowAbsoluteUrls) {
8372
+ function buildFullPath(baseURL, requestedURL, allowAbsoluteUrls, config) {
8373
+ assertValidHttpProtocolURL(requestedURL, config);
8020
8374
  let isRelativeUrl = !isAbsoluteURL(requestedURL);
8021
- if (baseURL && (isRelativeUrl || allowAbsoluteUrls == false)) {
8375
+ if (baseURL && (isRelativeUrl || allowAbsoluteUrls === false)) {
8376
+ assertValidHttpProtocolURL(baseURL, config);
8022
8377
  return combineURLs(baseURL, requestedURL);
8023
8378
  }
8024
8379
  return requestedURL;
@@ -8038,7 +8393,21 @@ var contentfulManagement = (function (exports) {
8038
8393
  function mergeConfig(config1, config2) {
8039
8394
  // eslint-disable-next-line no-param-reassign
8040
8395
  config2 = config2 || {};
8041
- const config = {};
8396
+
8397
+ // Use a null-prototype object so that downstream reads such as `config.auth`
8398
+ // or `config.baseURL` cannot inherit polluted values from Object.prototype.
8399
+ // `hasOwnProperty` is restored as a non-enumerable own slot to preserve
8400
+ // ergonomics for user code that relies on it.
8401
+ const config = Object.create(null);
8402
+ Object.defineProperty(config, 'hasOwnProperty', {
8403
+ // Null-proto descriptor so a polluted Object.prototype.get cannot turn
8404
+ // this data descriptor into an accessor descriptor on the way in.
8405
+ __proto__: null,
8406
+ value: Object.prototype.hasOwnProperty,
8407
+ enumerable: false,
8408
+ writable: true,
8409
+ configurable: true,
8410
+ });
8042
8411
 
8043
8412
  function getMergedValue(target, source, prop, caseless) {
8044
8413
  if (utils$1.isPlainObject(target) && utils$1.isPlainObject(source)) {
@@ -8075,11 +8444,33 @@ var contentfulManagement = (function (exports) {
8075
8444
  }
8076
8445
  }
8077
8446
 
8447
+ function getMergedTransitionalOption(prop) {
8448
+ const transitional2 = utils$1.hasOwnProp(config2, 'transitional') ? config2.transitional : undefined;
8449
+
8450
+ if (!utils$1.isUndefined(transitional2)) {
8451
+ if (utils$1.isPlainObject(transitional2)) {
8452
+ if (utils$1.hasOwnProp(transitional2, prop)) {
8453
+ return transitional2[prop];
8454
+ }
8455
+ } else {
8456
+ return undefined;
8457
+ }
8458
+ }
8459
+
8460
+ const transitional1 = utils$1.hasOwnProp(config1, 'transitional') ? config1.transitional : undefined;
8461
+
8462
+ if (utils$1.isPlainObject(transitional1) && utils$1.hasOwnProp(transitional1, prop)) {
8463
+ return transitional1[prop];
8464
+ }
8465
+
8466
+ return undefined;
8467
+ }
8468
+
8078
8469
  // eslint-disable-next-line consistent-return
8079
8470
  function mergeDirectKeys(a, b, prop) {
8080
- if (prop in config2) {
8471
+ if (utils$1.hasOwnProp(config2, prop)) {
8081
8472
  return getMergedValue(a, b);
8082
- } else if (prop in config1) {
8473
+ } else if (utils$1.hasOwnProp(config1, prop)) {
8083
8474
  return getMergedValue(undefined, a);
8084
8475
  }
8085
8476
  }
@@ -8111,6 +8502,7 @@ var contentfulManagement = (function (exports) {
8111
8502
  httpsAgent: defaultToConfig2,
8112
8503
  cancelToken: defaultToConfig2,
8113
8504
  socketPath: defaultToConfig2,
8505
+ allowedSocketPaths: defaultToConfig2,
8114
8506
  responseEncoding: defaultToConfig2,
8115
8507
  validateStatus: mergeDirectKeys,
8116
8508
  headers: (a, b, prop) =>
@@ -8120,52 +8512,101 @@ var contentfulManagement = (function (exports) {
8120
8512
  utils$1.forEach(Object.keys({ ...config1, ...config2 }), function computeConfigValue(prop) {
8121
8513
  if (prop === '__proto__' || prop === 'constructor' || prop === 'prototype') return;
8122
8514
  const merge = utils$1.hasOwnProp(mergeMap, prop) ? mergeMap[prop] : mergeDeepProperties;
8123
- const configValue = merge(config1[prop], config2[prop], prop);
8515
+ const a = utils$1.hasOwnProp(config1, prop) ? config1[prop] : undefined;
8516
+ const b = utils$1.hasOwnProp(config2, prop) ? config2[prop] : undefined;
8517
+ const configValue = merge(a, b, prop);
8124
8518
  (utils$1.isUndefined(configValue) && merge !== mergeDirectKeys) || (config[prop] = configValue);
8125
8519
  });
8126
8520
 
8521
+ if (
8522
+ utils$1.hasOwnProp(config2, 'validateStatus') &&
8523
+ utils$1.isUndefined(config2.validateStatus) &&
8524
+ getMergedTransitionalOption('validateStatusUndefinedResolves') === false
8525
+ ) {
8526
+ if (utils$1.hasOwnProp(config1, 'validateStatus')) {
8527
+ config.validateStatus = getMergedValue(undefined, config1.validateStatus);
8528
+ } else {
8529
+ delete config.validateStatus;
8530
+ }
8531
+ }
8532
+
8127
8533
  return config;
8128
8534
  }
8129
8535
 
8130
- var resolveConfig = (config) => {
8536
+ const FORM_DATA_CONTENT_HEADERS = ['content-type', 'content-length'];
8537
+
8538
+ function setFormDataHeaders(headers, formHeaders, policy) {
8539
+ if (policy !== 'content-only') {
8540
+ headers.set(formHeaders);
8541
+ return;
8542
+ }
8543
+
8544
+ Object.entries(formHeaders).forEach(([key, val]) => {
8545
+ if (FORM_DATA_CONTENT_HEADERS.includes(key.toLowerCase())) {
8546
+ headers.set(key, val);
8547
+ }
8548
+ });
8549
+ }
8550
+
8551
+ /**
8552
+ * Encode a UTF-8 string to a Latin-1 byte string for use with btoa().
8553
+ * This is a modern replacement for the deprecated unescape(encodeURIComponent(str)) pattern.
8554
+ *
8555
+ * @param {string} str The string to encode
8556
+ *
8557
+ * @returns {string} UTF-8 bytes as a Latin-1 string
8558
+ */
8559
+ const encodeUTF8$1 = (str) =>
8560
+ encodeURIComponent(str).replace(/%([0-9A-F]{2})/gi, (_, hex) =>
8561
+ String.fromCharCode(parseInt(hex, 16))
8562
+ );
8563
+
8564
+ function resolveConfig(config) {
8131
8565
  const newConfig = mergeConfig({}, config);
8132
8566
 
8133
- let { data, withXSRFToken, xsrfHeaderName, xsrfCookieName, headers, auth } = newConfig;
8567
+ // Read only own properties to prevent prototype pollution gadgets
8568
+ // (e.g. Object.prototype.baseURL = 'https://evil.com').
8569
+ const own = (key) => (utils$1.hasOwnProp(newConfig, key) ? newConfig[key] : undefined);
8570
+
8571
+ const data = own('data');
8572
+ let withXSRFToken = own('withXSRFToken');
8573
+ const xsrfHeaderName = own('xsrfHeaderName');
8574
+ const xsrfCookieName = own('xsrfCookieName');
8575
+ let headers = own('headers');
8576
+ const auth = own('auth');
8577
+ const baseURL = own('baseURL');
8578
+ const allowAbsoluteUrls = own('allowAbsoluteUrls');
8579
+ const url = own('url');
8134
8580
 
8135
8581
  newConfig.headers = headers = AxiosHeaders.from(headers);
8136
8582
 
8137
8583
  newConfig.url = buildURL(
8138
- buildFullPath(newConfig.baseURL, newConfig.url, newConfig.allowAbsoluteUrls),
8139
- config.params,
8140
- config.paramsSerializer
8584
+ buildFullPath(baseURL, url, allowAbsoluteUrls, newConfig),
8585
+ own('params'),
8586
+ own('paramsSerializer')
8141
8587
  );
8142
8588
 
8143
8589
  // HTTP basic authentication
8144
8590
  if (auth) {
8591
+ const username = utils$1.getSafeProp(auth, 'username') || '';
8592
+ const password = utils$1.getSafeProp(auth, 'password') || '';
8593
+
8145
8594
  headers.set(
8146
8595
  'Authorization',
8147
- 'Basic ' +
8148
- btoa(
8149
- (auth.username || '') +
8150
- ':' +
8151
- (auth.password ? unescape(encodeURIComponent(auth.password)) : '')
8152
- )
8596
+ 'Basic ' + btoa(username + ':' + (password ? encodeUTF8$1(password) : ''))
8153
8597
  );
8154
8598
  }
8155
8599
 
8156
8600
  if (utils$1.isFormData(data)) {
8157
- if (platform.hasStandardBrowserEnv || platform.hasStandardBrowserWebWorkerEnv) {
8158
- headers.setContentType(undefined); // browser handles it
8601
+ if (
8602
+ platform.hasStandardBrowserEnv ||
8603
+ platform.hasStandardBrowserWebWorkerEnv ||
8604
+ utils$1.isReactNative(data)
8605
+ ) {
8606
+ headers.setContentType(undefined); // browser/web worker/RN handles it
8159
8607
  } else if (utils$1.isFunction(data.getHeaders)) {
8160
8608
  // Node.js FormData (like form-data package)
8161
- const formHeaders = data.getHeaders();
8162
- // Only set safe headers to avoid overwriting security headers
8163
- const allowedHeaders = ['content-type', 'content-length'];
8164
- Object.entries(formHeaders).forEach(([key, val]) => {
8165
- if (allowedHeaders.includes(key.toLowerCase())) {
8166
- headers.set(key, val);
8167
- }
8168
- });
8609
+ setFormDataHeaders(headers, data.getHeaders(), own('formDataHeaderPolicy'));
8169
8610
  }
8170
8611
  }
8171
8612
 
@@ -8174,10 +8615,17 @@ var contentfulManagement = (function (exports) {
8174
8615
  // Specifically not if we're in a web worker, or react-native.
8175
8616
 
8176
8617
  if (platform.hasStandardBrowserEnv) {
8177
- withXSRFToken && utils$1.isFunction(withXSRFToken) && (withXSRFToken = withXSRFToken(newConfig));
8618
+ if (utils$1.isFunction(withXSRFToken)) {
8619
+ withXSRFToken = withXSRFToken(newConfig);
8620
+ }
8621
+
8622
+ // Strict boolean check — prevents proto-pollution gadgets (e.g. Object.prototype.withXSRFToken = 1)
8623
+ // and misconfigurations (e.g. "false") from short-circuiting the same-origin check and leaking
8624
+ // the XSRF token cross-origin.
8625
+ const shouldSendXSRF =
8626
+ withXSRFToken === true || (withXSRFToken == null && isURLSameOrigin(newConfig.url));
8178
8627
 
8179
- if (withXSRFToken || (withXSRFToken !== false && isURLSameOrigin(newConfig.url))) {
8180
- // Add xsrf header
8628
+ if (shouldSendXSRF) {
8181
8629
  const xsrfValue = xsrfHeaderName && xsrfCookieName && cookies.read(xsrfCookieName);
8182
8630
 
8183
8631
  if (xsrfValue) {
@@ -8187,7 +8635,7 @@ var contentfulManagement = (function (exports) {
8187
8635
  }
8188
8636
 
8189
8637
  return newConfig;
8190
- };
8638
+ }
8191
8639
 
8192
8640
  const isXHRAdapterSupported = typeof XMLHttpRequest !== 'undefined';
8193
8641
 
@@ -8271,7 +8719,7 @@ var contentfulManagement = (function (exports) {
8271
8719
  // will return status as 0 even though it's a successful request
8272
8720
  if (
8273
8721
  request.status === 0 &&
8274
- !(request.responseURL && request.responseURL.indexOf('file:') === 0)
8722
+ !(request.responseURL && request.responseURL.startsWith('file:'))
8275
8723
  ) {
8276
8724
  return;
8277
8725
  }
@@ -8288,6 +8736,7 @@ var contentfulManagement = (function (exports) {
8288
8736
  }
8289
8737
 
8290
8738
  reject(new AxiosError('Request aborted', AxiosError.ECONNABORTED, config, request));
8739
+ done();
8291
8740
 
8292
8741
  // Clean up request
8293
8742
  request = null;
@@ -8303,6 +8752,7 @@ var contentfulManagement = (function (exports) {
8303
8752
  // attach the underlying event for consumers who want details
8304
8753
  err.event = event || null;
8305
8754
  reject(err);
8755
+ done();
8306
8756
  request = null;
8307
8757
  };
8308
8758
 
@@ -8323,6 +8773,7 @@ var contentfulManagement = (function (exports) {
8323
8773
  request
8324
8774
  )
8325
8775
  );
8776
+ done();
8326
8777
 
8327
8778
  // Clean up request
8328
8779
  request = null;
@@ -8333,7 +8784,7 @@ var contentfulManagement = (function (exports) {
8333
8784
 
8334
8785
  // Add headers to the request
8335
8786
  if ('setRequestHeader' in request) {
8336
- utils$1.forEach(requestHeaders.toJSON(), function setRequestHeader(val, key) {
8787
+ utils$1.forEach(toByteStringHeaderObject(requestHeaders), function setRequestHeader(val, key) {
8337
8788
  request.setRequestHeader(key, val);
8338
8789
  });
8339
8790
  }
@@ -8372,6 +8823,7 @@ var contentfulManagement = (function (exports) {
8372
8823
  }
8373
8824
  reject(!cancel || cancel.type ? new CanceledError(null, config, request) : cancel);
8374
8825
  request.abort();
8826
+ done();
8375
8827
  request = null;
8376
8828
  };
8377
8829
 
@@ -8385,7 +8837,7 @@ var contentfulManagement = (function (exports) {
8385
8837
 
8386
8838
  const protocol = parseProtocol(_config.url);
8387
8839
 
8388
- if (protocol && platform.protocols.indexOf(protocol) === -1) {
8840
+ if (protocol && !platform.protocols.includes(protocol)) {
8389
8841
  reject(
8390
8842
  new AxiosError(
8391
8843
  'Unsupported protocol ' + protocol + ':',
@@ -8402,54 +8854,55 @@ var contentfulManagement = (function (exports) {
8402
8854
  };
8403
8855
 
8404
8856
  const composeSignals = (signals, timeout) => {
8405
- const { length } = (signals = signals ? signals.filter(Boolean) : []);
8406
-
8407
- if (timeout || length) {
8408
- let controller = new AbortController();
8409
-
8410
- let aborted;
8411
-
8412
- const onabort = function (reason) {
8413
- if (!aborted) {
8414
- aborted = true;
8415
- unsubscribe();
8416
- const err = reason instanceof Error ? reason : this.reason;
8417
- controller.abort(
8418
- err instanceof AxiosError
8419
- ? err
8420
- : new CanceledError(err instanceof Error ? err.message : err)
8421
- );
8422
- }
8423
- };
8857
+ signals = signals ? signals.filter(Boolean) : [];
8424
8858
 
8425
- let timer =
8426
- timeout &&
8427
- setTimeout(() => {
8428
- timer = null;
8429
- onabort(new AxiosError(`timeout of ${timeout}ms exceeded`, AxiosError.ETIMEDOUT));
8430
- }, timeout);
8431
-
8432
- const unsubscribe = () => {
8433
- if (signals) {
8434
- timer && clearTimeout(timer);
8435
- timer = null;
8436
- signals.forEach((signal) => {
8437
- signal.unsubscribe
8438
- ? signal.unsubscribe(onabort)
8439
- : signal.removeEventListener('abort', onabort);
8440
- });
8441
- signals = null;
8442
- }
8443
- };
8859
+ if (!timeout && !signals.length) {
8860
+ return;
8861
+ }
8444
8862
 
8445
- signals.forEach((signal) => signal.addEventListener('abort', onabort));
8863
+ const controller = new AbortController();
8446
8864
 
8447
- const { signal } = controller;
8865
+ let aborted = false;
8448
8866
 
8449
- signal.unsubscribe = () => utils$1.asap(unsubscribe);
8867
+ const onabort = function (reason) {
8868
+ if (!aborted) {
8869
+ aborted = true;
8870
+ unsubscribe();
8871
+ const err = reason instanceof Error ? reason : this.reason;
8872
+ controller.abort(
8873
+ err instanceof AxiosError
8874
+ ? err
8875
+ : new CanceledError(err instanceof Error ? err.message : err)
8876
+ );
8877
+ }
8878
+ };
8450
8879
 
8451
- return signal;
8452
- }
8880
+ let timer =
8881
+ timeout &&
8882
+ setTimeout(() => {
8883
+ timer = null;
8884
+ onabort(new AxiosError(`timeout of ${timeout}ms exceeded`, AxiosError.ETIMEDOUT));
8885
+ }, timeout);
8886
+
8887
+ const unsubscribe = () => {
8888
+ if (!signals) { return; }
8889
+ timer && clearTimeout(timer);
8890
+ timer = null;
8891
+ signals.forEach((signal) => {
8892
+ signal.unsubscribe
8893
+ ? signal.unsubscribe(onabort)
8894
+ : signal.removeEventListener('abort', onabort);
8895
+ });
8896
+ signals = null;
8897
+ };
8898
+
8899
+ signals.forEach((signal) => signal.addEventListener('abort', onabort));
8900
+
8901
+ const { signal } = controller;
8902
+
8903
+ signal.unsubscribe = () => utils$1.asap(unsubscribe);
8904
+
8905
+ return signal;
8453
8906
  };
8454
8907
 
8455
8908
  const streamChunk = function* (chunk, chunkSize) {
@@ -8542,16 +8995,146 @@ var contentfulManagement = (function (exports) {
8542
8995
  );
8543
8996
  };
8544
8997
 
8998
+ /**
8999
+ * Estimate decoded byte length of a data:// URL *without* allocating large buffers.
9000
+ * - For base64: compute exact decoded size using length and padding;
9001
+ * handle %XX at the character-count level (no string allocation).
9002
+ * - For non-base64: compute the exact percent-decoded UTF-8 byte length.
9003
+ *
9004
+ * @param {string} url
9005
+ * @returns {number}
9006
+ */
9007
+ const isHexDigit = (charCode) =>
9008
+ (charCode >= 48 && charCode <= 57) ||
9009
+ (charCode >= 65 && charCode <= 70) ||
9010
+ (charCode >= 97 && charCode <= 102);
9011
+
9012
+ const isPercentEncodedByte = (str, i, len) =>
9013
+ i + 2 < len && isHexDigit(str.charCodeAt(i + 1)) && isHexDigit(str.charCodeAt(i + 2));
9014
+
9015
+ function estimateDataURLDecodedBytes(url) {
9016
+ if (!url || typeof url !== 'string') return 0;
9017
+ if (!url.startsWith('data:')) return 0;
9018
+
9019
+ const comma = url.indexOf(',');
9020
+ if (comma < 0) return 0;
9021
+
9022
+ const meta = url.slice(5, comma);
9023
+ const body = url.slice(comma + 1);
9024
+ const isBase64 = /;base64/i.test(meta);
9025
+
9026
+ if (isBase64) {
9027
+ let effectiveLen = body.length;
9028
+ const len = body.length; // cache length
9029
+
9030
+ for (let i = 0; i < len; i++) {
9031
+ if (body.charCodeAt(i) === 37 /* '%' */ && i + 2 < len) {
9032
+ const a = body.charCodeAt(i + 1);
9033
+ const b = body.charCodeAt(i + 2);
9034
+ const isHex = isHexDigit(a) && isHexDigit(b);
9035
+
9036
+ if (isHex) {
9037
+ effectiveLen -= 2;
9038
+ i += 2;
9039
+ }
9040
+ }
9041
+ }
9042
+
9043
+ let pad = 0;
9044
+ let idx = len - 1;
9045
+
9046
+ const tailIsPct3D = (j) =>
9047
+ j >= 2 &&
9048
+ body.charCodeAt(j - 2) === 37 && // '%'
9049
+ body.charCodeAt(j - 1) === 51 && // '3'
9050
+ (body.charCodeAt(j) === 68 || body.charCodeAt(j) === 100); // 'D' or 'd'
9051
+
9052
+ if (idx >= 0) {
9053
+ if (body.charCodeAt(idx) === 61 /* '=' */) {
9054
+ pad++;
9055
+ idx--;
9056
+ } else if (tailIsPct3D(idx)) {
9057
+ pad++;
9058
+ idx -= 3;
9059
+ }
9060
+ }
9061
+
9062
+ if (pad === 1 && idx >= 0) {
9063
+ if (body.charCodeAt(idx) === 61 /* '=' */) {
9064
+ pad++;
9065
+ } else if (tailIsPct3D(idx)) {
9066
+ pad++;
9067
+ }
9068
+ }
9069
+
9070
+ const groups = Math.floor(effectiveLen / 4);
9071
+ const bytes = groups * 3 - (pad || 0);
9072
+ return bytes > 0 ? bytes : 0;
9073
+ }
9074
+
9075
+ // Compute UTF-8 byte length directly from UTF-16 code units without allocating
9076
+ // a byte buffer (TextEncoder.encode would defeat the DoS guard on large bodies).
9077
+ // Valid %XX triplets count as one decoded byte; this matches the bytes that
9078
+ // decodeURIComponent(body) would produce before Buffer re-encodes the string.
9079
+ let bytes = 0;
9080
+ for (let i = 0, len = body.length; i < len; i++) {
9081
+ const c = body.charCodeAt(i);
9082
+ if (c === 37 /* '%' */ && isPercentEncodedByte(body, i, len)) {
9083
+ bytes += 1;
9084
+ i += 2;
9085
+ } else if (c < 0x80) {
9086
+ bytes += 1;
9087
+ } else if (c < 0x800) {
9088
+ bytes += 2;
9089
+ } else if (c >= 0xd800 && c <= 0xdbff && i + 1 < len) {
9090
+ const next = body.charCodeAt(i + 1);
9091
+ if (next >= 0xdc00 && next <= 0xdfff) {
9092
+ bytes += 4;
9093
+ i++;
9094
+ } else {
9095
+ bytes += 3;
9096
+ }
9097
+ } else {
9098
+ bytes += 3;
9099
+ }
9100
+ }
9101
+ return bytes;
9102
+ }
9103
+
9104
+ const VERSION = "1.18.0";
9105
+
8545
9106
  const DEFAULT_CHUNK_SIZE = 64 * 1024;
8546
9107
 
8547
9108
  const { isFunction } = utils$1;
8548
9109
 
8549
- const globalFetchAPI = (({ Request, Response }) => ({
8550
- Request,
8551
- Response,
8552
- }))(utils$1.global);
9110
+ /**
9111
+ * Encode a UTF-8 string to a Latin-1 byte string for use with btoa().
9112
+ * This is a modern replacement for the deprecated unescape(encodeURIComponent(str)) pattern.
9113
+ *
9114
+ * @param {string} str The string to encode
9115
+ *
9116
+ * @returns {string} UTF-8 bytes as a Latin-1 string
9117
+ */
9118
+ const encodeUTF8 = (str) =>
9119
+ encodeURIComponent(str).replace(/%([0-9A-F]{2})/gi, (_, hex) =>
9120
+ String.fromCharCode(parseInt(hex, 16))
9121
+ );
9122
+
9123
+ // Node's WHATWG URL parser returns `username` and `password` percent-encoded.
9124
+ // Decode before composing the `auth` option so credentials such as
9125
+ // `my%40email.com:pass` are sent as `my@email.com:pass`. Falls back to the
9126
+ // original value for malformed input so a bad encoding never throws.
9127
+ const decodeURIComponentSafe = (value) => {
9128
+ if (!utils$1.isString(value)) {
9129
+ return value;
9130
+ }
8553
9131
 
8554
- const { ReadableStream: ReadableStream$1, TextEncoder } = utils$1.global;
9132
+ try {
9133
+ return decodeURIComponent(value);
9134
+ } catch (error) {
9135
+ return value;
9136
+ }
9137
+ };
8555
9138
 
8556
9139
  const test = (fn, ...args) => {
8557
9140
  try {
@@ -8561,12 +9144,30 @@ var contentfulManagement = (function (exports) {
8561
9144
  }
8562
9145
  };
8563
9146
 
9147
+ const maybeWithAuthCredentials = (url) => {
9148
+ const protocolIndex = url.indexOf('://');
9149
+ let urlToCheck = url;
9150
+ if (protocolIndex !== -1) {
9151
+ urlToCheck = urlToCheck.slice(protocolIndex + 3);
9152
+ }
9153
+ return urlToCheck.includes('@') || urlToCheck.includes(':');
9154
+ };
9155
+
8564
9156
  const factory = (env) => {
9157
+ const globalObject =
9158
+ utils$1.global !== undefined && utils$1.global !== null
9159
+ ? utils$1.global
9160
+ : globalThis;
9161
+ const { ReadableStream, TextEncoder } = globalObject;
9162
+
8565
9163
  env = utils$1.merge.call(
8566
9164
  {
8567
9165
  skipUndefined: true,
8568
9166
  },
8569
- globalFetchAPI,
9167
+ {
9168
+ Request: globalObject.Request,
9169
+ Response: globalObject.Response,
9170
+ },
8570
9171
  env
8571
9172
  );
8572
9173
 
@@ -8579,7 +9180,7 @@ var contentfulManagement = (function (exports) {
8579
9180
  return false;
8580
9181
  }
8581
9182
 
8582
- const isReadableStreamSupported = isFetchSupported && isFunction(ReadableStream$1);
9183
+ const isReadableStreamSupported = isFetchSupported && isFunction(ReadableStream);
8583
9184
 
8584
9185
  const encodeText =
8585
9186
  isFetchSupported &&
@@ -8596,18 +9197,20 @@ var contentfulManagement = (function (exports) {
8596
9197
  test(() => {
8597
9198
  let duplexAccessed = false;
8598
9199
 
8599
- const body = new ReadableStream$1();
8600
-
8601
- const hasContentType = new Request(platform.origin, {
8602
- body,
9200
+ const request = new Request(platform.origin, {
9201
+ body: new ReadableStream(),
8603
9202
  method: 'POST',
8604
9203
  get duplex() {
8605
9204
  duplexAccessed = true;
8606
9205
  return 'half';
8607
9206
  },
8608
- }).headers.has('Content-Type');
9207
+ });
8609
9208
 
8610
- body.cancel();
9209
+ const hasContentType = request.headers.has('Content-Type');
9210
+
9211
+ if (request.body != null) {
9212
+ request.body.cancel();
9213
+ }
8611
9214
 
8612
9215
  return duplexAccessed && !hasContentType;
8613
9216
  });
@@ -8691,8 +9294,14 @@ var contentfulManagement = (function (exports) {
8691
9294
  headers,
8692
9295
  withCredentials = 'same-origin',
8693
9296
  fetchOptions,
9297
+ maxContentLength,
9298
+ maxBodyLength,
8694
9299
  } = resolveConfig(config);
8695
9300
 
9301
+ const hasMaxContentLength = utils$1.isNumber(maxContentLength) && maxContentLength > -1;
9302
+ const hasMaxBodyLength = utils$1.isNumber(maxBodyLength) && maxBodyLength > -1;
9303
+ const own = (key) => (utils$1.hasOwnProp(config, key) ? config[key] : undefined);
9304
+
8696
9305
  let _fetch = envFetch || fetch;
8697
9306
 
8698
9307
  responseType = responseType ? (responseType + '').toLowerCase() : 'text';
@@ -8713,34 +9322,166 @@ var contentfulManagement = (function (exports) {
8713
9322
 
8714
9323
  let requestContentLength;
8715
9324
 
9325
+ // AxiosError we raise while the request body is being streamed. Captured
9326
+ // by identity so the catch block can surface it directly, regardless of
9327
+ // how the runtime wraps the resulting fetch rejection (undici exposes it
9328
+ // as `err.cause`; some browsers drop the original error entirely).
9329
+ let pendingBodyError = null;
9330
+
9331
+ const maxBodyLengthError = () =>
9332
+ new AxiosError(
9333
+ 'Request body larger than maxBodyLength limit',
9334
+ AxiosError.ERR_BAD_REQUEST,
9335
+ config,
9336
+ request
9337
+ );
9338
+
8716
9339
  try {
9340
+ // HTTP basic authentication
9341
+ let auth = undefined;
9342
+ const configAuth = own('auth');
9343
+
9344
+ if (configAuth) {
9345
+ const username = utils$1.getSafeProp(configAuth, 'username') || '';
9346
+ const password = utils$1.getSafeProp(configAuth, 'password') || '';
9347
+ auth = {
9348
+ username,
9349
+ password
9350
+ };
9351
+ }
9352
+
9353
+ if (maybeWithAuthCredentials(url)) {
9354
+ const parsedURL = new URL(url, platform.origin);
9355
+
9356
+ if (!auth && (parsedURL.username || parsedURL.password)) {
9357
+ const urlUsername = decodeURIComponentSafe(parsedURL.username);
9358
+ const urlPassword = decodeURIComponentSafe(parsedURL.password);
9359
+ auth = {
9360
+ username: urlUsername,
9361
+ password: urlPassword
9362
+ };
9363
+ }
9364
+
9365
+ if (parsedURL.username || parsedURL.password) {
9366
+ parsedURL.username = '';
9367
+ parsedURL.password = '';
9368
+ url = parsedURL.href;
9369
+ }
9370
+ }
9371
+
9372
+ if (auth) {
9373
+ headers.delete('authorization');
9374
+ headers.set(
9375
+ 'Authorization',
9376
+ 'Basic ' + btoa(encodeUTF8((auth.username || '') + ':' + (auth.password || '')))
9377
+ );
9378
+ }
9379
+
9380
+ // Enforce maxContentLength for data: URLs up-front so we never materialize
9381
+ // an oversized payload. The HTTP adapter applies the same check (see http.js
9382
+ // "if (protocol === 'data:')" branch).
9383
+ if (hasMaxContentLength && typeof url === 'string' && url.startsWith('data:')) {
9384
+ const estimated = estimateDataURLDecodedBytes(url);
9385
+ if (estimated > maxContentLength) {
9386
+ throw new AxiosError(
9387
+ 'maxContentLength size of ' + maxContentLength + ' exceeded',
9388
+ AxiosError.ERR_BAD_RESPONSE,
9389
+ config,
9390
+ request
9391
+ );
9392
+ }
9393
+ }
9394
+
9395
+ // Enforce maxBodyLength against known-size bodies before dispatch using
9396
+ // the body's *actual* size — never a caller-declared Content-Length,
9397
+ // which could under-report to slip an oversized body past the check.
9398
+ // Unknown-size streams return undefined here and are counted per-chunk
9399
+ // below as fetch consumes them.
9400
+ if (hasMaxBodyLength && method !== 'get' && method !== 'head') {
9401
+ const outboundLength = await getBodyLength(data);
9402
+ if (typeof outboundLength === 'number' && isFinite(outboundLength)) {
9403
+ requestContentLength = outboundLength;
9404
+ if (outboundLength > maxBodyLength) {
9405
+ throw maxBodyLengthError();
9406
+ }
9407
+ }
9408
+ }
9409
+
9410
+ // A streamed body under maxBodyLength must be counted as fetch consumes
9411
+ // it; its size is never trusted from a caller-declared Content-Length.
9412
+ const mustEnforceStreamBody =
9413
+ hasMaxBodyLength && (utils$1.isReadableStream(data) || utils$1.isStream(data));
9414
+
9415
+ const trackRequestStream = (stream, onProgress, flush) =>
9416
+ trackStream(
9417
+ stream,
9418
+ DEFAULT_CHUNK_SIZE,
9419
+ (loadedBytes) => {
9420
+ if (hasMaxBodyLength && loadedBytes > maxBodyLength) {
9421
+ throw (pendingBodyError = maxBodyLengthError());
9422
+ }
9423
+ onProgress && onProgress(loadedBytes);
9424
+ },
9425
+ flush
9426
+ );
9427
+
8717
9428
  if (
8718
- onUploadProgress &&
8719
9429
  supportsRequestStream &&
8720
9430
  method !== 'get' &&
8721
9431
  method !== 'head' &&
8722
- (requestContentLength = await resolveBodyLength(headers, data)) !== 0
9432
+ (onUploadProgress || mustEnforceStreamBody)
8723
9433
  ) {
8724
- let _request = new Request(url, {
8725
- method: 'POST',
8726
- body: data,
8727
- duplex: 'half',
8728
- });
9434
+ requestContentLength =
9435
+ requestContentLength == null ? await resolveBodyLength(headers, data) : requestContentLength;
9436
+
9437
+ // A declared length of 0 is only trusted to skip the wrap when we are
9438
+ // not enforcing a stream limit (which must not rely on that header).
9439
+ if (requestContentLength !== 0 || mustEnforceStreamBody) {
9440
+ let _request = new Request(url, {
9441
+ method: 'POST',
9442
+ body: data,
9443
+ duplex: 'half',
9444
+ });
8729
9445
 
8730
- let contentTypeHeader;
9446
+ let contentTypeHeader;
8731
9447
 
8732
- if (utils$1.isFormData(data) && (contentTypeHeader = _request.headers.get('content-type'))) {
8733
- headers.setContentType(contentTypeHeader);
8734
- }
9448
+ if (utils$1.isFormData(data) && (contentTypeHeader = _request.headers.get('content-type'))) {
9449
+ headers.setContentType(contentTypeHeader);
9450
+ }
8735
9451
 
8736
- if (_request.body) {
8737
- const [onProgress, flush] = progressEventDecorator(
8738
- requestContentLength,
8739
- progressEventReducer(asyncDecorator(onUploadProgress))
8740
- );
9452
+ if (_request.body) {
9453
+ const [onProgress, flush] =
9454
+ (onUploadProgress &&
9455
+ progressEventDecorator(
9456
+ requestContentLength,
9457
+ progressEventReducer(asyncDecorator(onUploadProgress))
9458
+ )) ||
9459
+ [];
8741
9460
 
8742
- data = trackStream(_request.body, DEFAULT_CHUNK_SIZE, onProgress, flush);
9461
+ data = trackRequestStream(_request.body, onProgress, flush);
9462
+ }
8743
9463
  }
9464
+ } else if (
9465
+ mustEnforceStreamBody &&
9466
+ !isRequestSupported &&
9467
+ isReadableStreamSupported &&
9468
+ method !== 'get' &&
9469
+ method !== 'head'
9470
+ ) {
9471
+ data = trackRequestStream(data);
9472
+ } else if (
9473
+ mustEnforceStreamBody &&
9474
+ isRequestSupported &&
9475
+ !supportsRequestStream &&
9476
+ method !== 'get' &&
9477
+ method !== 'head'
9478
+ ) {
9479
+ throw new AxiosError(
9480
+ 'Stream request bodies are not supported by the current fetch implementation',
9481
+ AxiosError.ERR_NOT_SUPPORT,
9482
+ config,
9483
+ request
9484
+ );
8744
9485
  }
8745
9486
 
8746
9487
  if (!utils$1.isString(withCredentials)) {
@@ -8751,11 +9492,27 @@ var contentfulManagement = (function (exports) {
8751
9492
  // see https://github.com/cloudflare/workerd/issues/902
8752
9493
  const isCredentialsSupported = isRequestSupported && 'credentials' in Request.prototype;
8753
9494
 
9495
+ // If data is FormData and Content-Type is multipart/form-data without boundary,
9496
+ // delete it so fetch can set it correctly with the boundary
9497
+ if (utils$1.isFormData(data)) {
9498
+ const contentType = headers.getContentType();
9499
+ if (
9500
+ contentType &&
9501
+ /^multipart\/form-data/i.test(contentType) &&
9502
+ !/boundary=/i.test(contentType)
9503
+ ) {
9504
+ headers.delete('content-type');
9505
+ }
9506
+ }
9507
+
9508
+ // Set User-Agent header if not already set (fetch defaults to 'node' in Node.js)
9509
+ headers.set('User-Agent', 'axios/' + VERSION, false);
9510
+
8754
9511
  const resolvedOptions = {
8755
9512
  ...fetchOptions,
8756
9513
  signal: composedSignal,
8757
9514
  method: method.toUpperCase(),
8758
- headers: headers.normalize().toJSON(),
9515
+ headers: toByteStringHeaderObject(headers.normalize()),
8759
9516
  body: data,
8760
9517
  duplex: 'half',
8761
9518
  credentials: isCredentialsSupported ? withCredentials : undefined,
@@ -8767,17 +9524,37 @@ var contentfulManagement = (function (exports) {
8767
9524
  ? _fetch(request, fetchOptions)
8768
9525
  : _fetch(url, resolvedOptions));
8769
9526
 
9527
+ const responseHeaders = AxiosHeaders.from(response.headers);
9528
+
9529
+ // Cheap pre-check: if the server honestly declares a content-length that
9530
+ // already exceeds the cap, reject before we start streaming.
9531
+ if (hasMaxContentLength) {
9532
+ const declaredLength = utils$1.toFiniteNumber(responseHeaders.getContentLength());
9533
+ if (declaredLength != null && declaredLength > maxContentLength) {
9534
+ throw new AxiosError(
9535
+ 'maxContentLength size of ' + maxContentLength + ' exceeded',
9536
+ AxiosError.ERR_BAD_RESPONSE,
9537
+ config,
9538
+ request
9539
+ );
9540
+ }
9541
+ }
9542
+
8770
9543
  const isStreamResponse =
8771
9544
  supportsResponseStream && (responseType === 'stream' || responseType === 'response');
8772
9545
 
8773
- if (supportsResponseStream && (onDownloadProgress || (isStreamResponse && unsubscribe))) {
9546
+ if (
9547
+ supportsResponseStream &&
9548
+ response.body &&
9549
+ (onDownloadProgress || hasMaxContentLength || (isStreamResponse && unsubscribe))
9550
+ ) {
8774
9551
  const options = {};
8775
9552
 
8776
9553
  ['status', 'statusText', 'headers'].forEach((prop) => {
8777
9554
  options[prop] = response[prop];
8778
9555
  });
8779
9556
 
8780
- const responseContentLength = utils$1.toFiniteNumber(response.headers.get('content-length'));
9557
+ const responseContentLength = utils$1.toFiniteNumber(responseHeaders.getContentLength());
8781
9558
 
8782
9559
  const [onProgress, flush] =
8783
9560
  (onDownloadProgress &&
@@ -8787,8 +9564,24 @@ var contentfulManagement = (function (exports) {
8787
9564
  )) ||
8788
9565
  [];
8789
9566
 
9567
+ let bytesRead = 0;
9568
+ const onChunkProgress = (loadedBytes) => {
9569
+ if (hasMaxContentLength) {
9570
+ bytesRead = loadedBytes;
9571
+ if (bytesRead > maxContentLength) {
9572
+ throw new AxiosError(
9573
+ 'maxContentLength size of ' + maxContentLength + ' exceeded',
9574
+ AxiosError.ERR_BAD_RESPONSE,
9575
+ config,
9576
+ request
9577
+ );
9578
+ }
9579
+ }
9580
+ onProgress && onProgress(loadedBytes);
9581
+ };
9582
+
8790
9583
  response = new Response(
8791
- trackStream(response.body, DEFAULT_CHUNK_SIZE, onProgress, () => {
9584
+ trackStream(response.body, DEFAULT_CHUNK_SIZE, onChunkProgress, () => {
8792
9585
  flush && flush();
8793
9586
  unsubscribe && unsubscribe();
8794
9587
  }),
@@ -8803,6 +9596,33 @@ var contentfulManagement = (function (exports) {
8803
9596
  config
8804
9597
  );
8805
9598
 
9599
+ // Fallback enforcement for environments without ReadableStream support
9600
+ // (legacy runtimes). Detect materialized size from typed output; skip
9601
+ // streams/Response passthrough since the user will read those themselves.
9602
+ if (hasMaxContentLength && !supportsResponseStream && !isStreamResponse) {
9603
+ let materializedSize;
9604
+ if (responseData != null) {
9605
+ if (typeof responseData.byteLength === 'number') {
9606
+ materializedSize = responseData.byteLength;
9607
+ } else if (typeof responseData.size === 'number') {
9608
+ materializedSize = responseData.size;
9609
+ } else if (typeof responseData === 'string') {
9610
+ materializedSize =
9611
+ typeof TextEncoder === 'function'
9612
+ ? new TextEncoder().encode(responseData).byteLength
9613
+ : responseData.length;
9614
+ }
9615
+ }
9616
+ if (typeof materializedSize === 'number' && materializedSize > maxContentLength) {
9617
+ throw new AxiosError(
9618
+ 'maxContentLength size of ' + maxContentLength + ' exceeded',
9619
+ AxiosError.ERR_BAD_RESPONSE,
9620
+ config,
9621
+ request
9622
+ );
9623
+ }
9624
+ }
9625
+
8806
9626
  !isStreamResponse && unsubscribe && unsubscribe();
8807
9627
 
8808
9628
  return await new Promise((resolve, reject) => {
@@ -8818,6 +9638,34 @@ var contentfulManagement = (function (exports) {
8818
9638
  } catch (err) {
8819
9639
  unsubscribe && unsubscribe();
8820
9640
 
9641
+ // Safari can surface fetch aborts as a DOMException-like object whose
9642
+ // branded getters throw. Prefer our composed signal reason before reading
9643
+ // the caught error, preserving timeout vs cancellation semantics.
9644
+ if (composedSignal && composedSignal.aborted && composedSignal.reason instanceof AxiosError) {
9645
+ const canceledError = composedSignal.reason;
9646
+ canceledError.config = config;
9647
+ request && (canceledError.request = request);
9648
+ err !== canceledError && (canceledError.cause = err);
9649
+ throw canceledError;
9650
+ }
9651
+
9652
+ // Surface a maxBodyLength violation we raised while the request body was
9653
+ // being streamed. Matching by identity (rather than reading
9654
+ // `err.cause.isAxiosError`) keeps the error deterministic across runtimes
9655
+ // and avoids both prototype-pollution reads and mis-attributing a foreign
9656
+ // AxiosError that merely happened to land in `err.cause`.
9657
+ if (pendingBodyError) {
9658
+ request && !pendingBodyError.request && (pendingBodyError.request = request);
9659
+ throw pendingBodyError;
9660
+ }
9661
+
9662
+ // Re-throw AxiosErrors we raised synchronously (data: URL / content-length
9663
+ // pre-checks, response size enforcement) without re-wrapping them.
9664
+ if (err instanceof AxiosError) {
9665
+ request && !err.request && (err.request = request);
9666
+ throw err;
9667
+ }
9668
+
8821
9669
  if (err && err.name === 'TypeError' && /Load failed|fetch/i.test(err.message)) {
8822
9670
  throw Object.assign(
8823
9671
  new AxiosError(
@@ -8886,11 +9734,13 @@ var contentfulManagement = (function (exports) {
8886
9734
  utils$1.forEach(knownAdapters, (fn, value) => {
8887
9735
  if (fn) {
8888
9736
  try {
8889
- Object.defineProperty(fn, 'name', { value });
9737
+ // Null-proto descriptors so a polluted Object.prototype.get cannot turn
9738
+ // these data descriptors into accessor descriptors on the way in.
9739
+ Object.defineProperty(fn, 'name', { __proto__: null, value });
8890
9740
  } catch (e) {
8891
9741
  // eslint-disable-next-line no-empty
8892
9742
  }
8893
- Object.defineProperty(fn, 'adapterName', { value });
9743
+ Object.defineProperty(fn, 'adapterName', { __proto__: null, value });
8894
9744
  }
8895
9745
  });
8896
9746
 
@@ -9032,8 +9882,15 @@ var contentfulManagement = (function (exports) {
9032
9882
  function onAdapterResolution(response) {
9033
9883
  throwIfCancellationRequested(config);
9034
9884
 
9035
- // Transform response data
9036
- response.data = transformData.call(config, config.transformResponse, response);
9885
+ // Expose the current response on config so that transformResponse can
9886
+ // attach it to any AxiosError it throws (e.g. on JSON parse failure).
9887
+ // We clean it up afterwards to avoid polluting the config object.
9888
+ config.response = response;
9889
+ try {
9890
+ response.data = transformData.call(config, config.transformResponse, response);
9891
+ } finally {
9892
+ delete config.response;
9893
+ }
9037
9894
 
9038
9895
  response.headers = AxiosHeaders.from(response.headers);
9039
9896
 
@@ -9045,11 +9902,16 @@ var contentfulManagement = (function (exports) {
9045
9902
 
9046
9903
  // Transform response data
9047
9904
  if (reason && reason.response) {
9048
- reason.response.data = transformData.call(
9049
- config,
9050
- config.transformResponse,
9051
- reason.response
9052
- );
9905
+ config.response = reason.response;
9906
+ try {
9907
+ reason.response.data = transformData.call(
9908
+ config,
9909
+ config.transformResponse,
9910
+ reason.response
9911
+ );
9912
+ } finally {
9913
+ delete config.response;
9914
+ }
9053
9915
  reason.response.headers = AxiosHeaders.from(reason.response.headers);
9054
9916
  }
9055
9917
  }
@@ -9059,8 +9921,6 @@ var contentfulManagement = (function (exports) {
9059
9921
  );
9060
9922
  }
9061
9923
 
9062
- const VERSION = "1.15.0";
9063
-
9064
9924
  const validators$1 = {};
9065
9925
 
9066
9926
  // eslint-disable-next-line func-names
@@ -9144,7 +10004,9 @@ var contentfulManagement = (function (exports) {
9144
10004
  let i = keys.length;
9145
10005
  while (i-- > 0) {
9146
10006
  const opt = keys[i];
9147
- const validator = schema[opt];
10007
+ // Use hasOwnProperty so a polluted Object.prototype.<opt> cannot supply
10008
+ // a non-function validator and cause a TypeError.
10009
+ const validator = Object.prototype.hasOwnProperty.call(schema, opt) ? schema[opt] : undefined;
9148
10010
  if (validator) {
9149
10011
  const value = options[opt];
9150
10012
  const result = value === undefined || validator(value, opt, options);
@@ -9258,6 +10120,8 @@ var contentfulManagement = (function (exports) {
9258
10120
  forcedJSONParsing: validators.transitional(validators.boolean),
9259
10121
  clarifyTimeoutError: validators.transitional(validators.boolean),
9260
10122
  legacyInterceptorReqResOrdering: validators.transitional(validators.boolean),
10123
+ advertiseZstdAcceptEncoding: validators.transitional(validators.boolean),
10124
+ validateStatusUndefinedResolves: validators.transitional(validators.boolean),
9261
10125
  },
9262
10126
  false
9263
10127
  );
@@ -9303,7 +10167,7 @@ var contentfulManagement = (function (exports) {
9303
10167
  let contextHeaders = headers && utils$1.merge(headers.common, headers[config.method]);
9304
10168
 
9305
10169
  headers &&
9306
- utils$1.forEach(['delete', 'get', 'head', 'post', 'put', 'patch', 'common'], (method) => {
10170
+ utils$1.forEach(['delete', 'get', 'head', 'post', 'put', 'patch', 'query', 'common'], (method) => {
9307
10171
  delete headers[method];
9308
10172
  });
9309
10173
 
@@ -9387,7 +10251,7 @@ var contentfulManagement = (function (exports) {
9387
10251
 
9388
10252
  getUri(config) {
9389
10253
  config = mergeConfig(this.defaults, config);
9390
- const fullPath = buildFullPath(config.baseURL, config.url, config.allowAbsoluteUrls);
10254
+ const fullPath = buildFullPath(config.baseURL, config.url, config.allowAbsoluteUrls, config);
9391
10255
  return buildURL(fullPath, config.params, config.paramsSerializer);
9392
10256
  }
9393
10257
  }
@@ -9400,13 +10264,13 @@ var contentfulManagement = (function (exports) {
9400
10264
  mergeConfig(config || {}, {
9401
10265
  method,
9402
10266
  url,
9403
- data: (config || {}).data,
10267
+ data: config && utils$1.hasOwnProp(config, 'data') ? config.data : undefined,
9404
10268
  })
9405
10269
  );
9406
10270
  };
9407
10271
  });
9408
10272
 
9409
- utils$1.forEach(['post', 'put', 'patch'], function forEachMethodWithData(method) {
10273
+ utils$1.forEach(['post', 'put', 'patch', 'query'], function forEachMethodWithData(method) {
9410
10274
  function generateHTTPMethod(isForm) {
9411
10275
  return function httpMethod(url, data, config) {
9412
10276
  return this.request(
@@ -9426,7 +10290,11 @@ var contentfulManagement = (function (exports) {
9426
10290
 
9427
10291
  Axios.prototype[method] = generateHTTPMethod();
9428
10292
 
9429
- Axios.prototype[method + 'Form'] = generateHTTPMethod(true);
10293
+ // QUERY is a safe/idempotent read method; multipart form bodies don't fit
10294
+ // its semantics, so no queryForm shorthand is generated.
10295
+ if (method !== 'query') {
10296
+ Axios.prototype[method + 'Form'] = generateHTTPMethod(true);
10297
+ }
9430
10298
  });
9431
10299
 
9432
10300
  /**
@@ -11188,9 +12056,9 @@ var contentfulManagement = (function (exports) {
11188
12056
  const BODY_FORMAT_HEADER = 'x-contentful-comment-body-format';
11189
12057
  const PARENT_ENTITY_REFERENCE_HEADER = 'x-contentful-parent-entity-reference';
11190
12058
  const PARENT_COMMENT_ID_HEADER = 'x-contentful-parent-id';
11191
- const getSpaceEnvBaseUrl = (params) => `/spaces/${params.spaceId}/environments/${params.environmentId}`;
12059
+ const getSpaceEnvBaseUrl$1 = (params) => `/spaces/${params.spaceId}/environments/${params.environmentId}`;
11192
12060
  const getEntityCommentUrl = (params) => `${getEntityBaseUrl(params)}/${params.commentId}`;
11193
- function getParentPlural(parentEntityType) {
12061
+ function getParentPlural$1(parentEntityType) {
11194
12062
  switch (parentEntityType) {
11195
12063
  case 'ContentType':
11196
12064
  return 'content_types';
@@ -11198,11 +12066,19 @@ var contentfulManagement = (function (exports) {
11198
12066
  return 'entries';
11199
12067
  case 'Workflow':
11200
12068
  return 'workflows';
12069
+ case 'Experience':
12070
+ return 'experiences';
12071
+ case 'Fragment':
12072
+ return 'fragments';
12073
+ case 'ComponentType':
12074
+ return 'component_types';
12075
+ case 'Template':
12076
+ return 'templates';
11201
12077
  }
11202
12078
  }
11203
12079
  /**
11204
- * Comments can be added to a content type, an entry, and a workflow. Workflow comments requires a version
11205
- * to be set as part of the URL path. Workflow comments only support `create` (with
12080
+ * Comments can be added to a content type, an entry, a workflow, or ExO entities. Workflow comments requires a version
12081
+ * to be set as part of the URL path for versioned operations. Workflow comments only support `create` (with
11206
12082
  * versionized URL) and `getMany` (without version). The API might support more methods
11207
12083
  * in the future with new use cases being discovered.
11208
12084
  */
@@ -11216,9 +12092,9 @@ var contentfulManagement = (function (exports) {
11216
12092
  }
11217
12093
  : paramsOrg;
11218
12094
  const { parentEntityId, parentEntityType } = params;
11219
- const parentPlural = getParentPlural(parentEntityType);
12095
+ const parentPlural = getParentPlural$1(parentEntityType);
11220
12096
  const versionPath = 'parentEntityVersion' in params ? `/versions/${params.parentEntityVersion}` : '';
11221
- return `${getSpaceEnvBaseUrl(params)}/${parentPlural}/${parentEntityId}${versionPath}/comments`;
12097
+ return `${getSpaceEnvBaseUrl$1(params)}/${parentPlural}/${parentEntityId}${versionPath}/comments`;
11222
12098
  };
11223
12099
  const get$J = (http, params) => get$14(http, getEntityCommentUrl(params), {
11224
12100
  headers: params.bodyFormat === 'rich-text'
@@ -12859,7 +13735,34 @@ var contentfulManagement = (function (exports) {
12859
13735
  update: update$9
12860
13736
  });
12861
13737
 
12862
- const getBaseUrl$8 = (params) => `/spaces/${params.spaceId}/environments/${params.environmentId}/entries/${params.entryId}/tasks`;
13738
+ const getSpaceEnvBaseUrl = (params) => `/spaces/${params.spaceId}/environments/${params.environmentId}`;
13739
+ function getParentPlural(parentEntityType) {
13740
+ switch (parentEntityType) {
13741
+ case 'Entry':
13742
+ return 'entries';
13743
+ case 'Experience':
13744
+ return 'experiences';
13745
+ case 'Fragment':
13746
+ return 'fragments';
13747
+ case 'Template':
13748
+ return 'templates';
13749
+ case 'ComponentType':
13750
+ return 'component_types';
13751
+ }
13752
+ }
13753
+ const normalizeTaskParentParams = (paramsOrg) => 'entryId' in paramsOrg
13754
+ ? {
13755
+ spaceId: paramsOrg.spaceId,
13756
+ environmentId: paramsOrg.environmentId,
13757
+ parentEntityType: 'Entry',
13758
+ parentEntityId: paramsOrg.entryId,
13759
+ }
13760
+ : paramsOrg;
13761
+ const getBaseUrl$8 = (paramsOrg) => {
13762
+ const params = normalizeTaskParentParams(paramsOrg);
13763
+ const parentPlural = getParentPlural(params.parentEntityType);
13764
+ return `${getSpaceEnvBaseUrl(params)}/${parentPlural}/${params.parentEntityId}/tasks`;
13765
+ };
12863
13766
  const getTaskUrl = (params) => `${getBaseUrl$8(params)}/${params.taskId}`;
12864
13767
  const get$8 = (http, params) => get$14(http, getTaskUrl(params));
12865
13768
  const getMany$6 = (http, params) => get$14(http, getBaseUrl$8(params), {
@@ -14204,12 +15107,16 @@ var contentfulManagement = (function (exports) {
14204
15107
  * @internal
14205
15108
  */
14206
15109
  function createTaskApi(makeRequest) {
14207
- const getParams = (task) => ({
14208
- spaceId: task.sys.space.sys.id,
14209
- environmentId: task.sys.environment.sys.id,
14210
- entryId: task.sys.parentEntity.sys.id,
14211
- taskId: task.sys.id,
14212
- });
15110
+ const getParams = (task) => {
15111
+ const parentEntity = task.sys.parentEntity;
15112
+ return {
15113
+ spaceId: task.sys.space.sys.id,
15114
+ environmentId: task.sys.environment.sys.id,
15115
+ parentEntityType: parentEntity.sys.linkType,
15116
+ parentEntityId: parentEntity.sys.id,
15117
+ taskId: task.sys.id,
15118
+ };
15119
+ };
14213
15120
  return {
14214
15121
  update: function () {
14215
15122
  const raw = this.toPlainObject();
@@ -14259,12 +15166,16 @@ var contentfulManagement = (function (exports) {
14259
15166
  * @internal
14260
15167
  */
14261
15168
  function createCommentApi(makeRequest) {
14262
- const getParams = (comment) => ({
14263
- spaceId: comment.sys.space.sys.id,
14264
- environmentId: comment.sys.environment.sys.id,
14265
- entryId: comment.sys.parentEntity.sys.id,
14266
- commentId: comment.sys.id,
14267
- });
15169
+ const getParams = (comment) => {
15170
+ const parentEntity = comment.sys.parentEntity;
15171
+ return {
15172
+ spaceId: comment.sys.space.sys.id,
15173
+ environmentId: comment.sys.environment.sys.id,
15174
+ commentId: comment.sys.id,
15175
+ parentEntityType: parentEntity.sys.linkType,
15176
+ parentEntityId: parentEntity.sys.id,
15177
+ };
15178
+ };
14268
15179
  return {
14269
15180
  update: async function () {
14270
15181
  const raw = this.toPlainObject();