1
0
term/pkg/axios/CHANGELOG.md
2024-03-23 20:25:41 +09:00

46 KiB

Changelog

1.6.3 (2023-12-26)

Bug Fixes

  • Regular Expression Denial of Service (ReDoS) (#6132) (5e7ad38)

Contributors to this release

1.6.2 (2023-11-14)

Features

  • withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046) (cff9967)

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

Contributors to this release

1.6.1 (2023-11-08)

Bug Fixes

  • formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
  • platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)

Contributors to this release

PRs

  • feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )

📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour. 
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.

1.6.0 (2023-10-26)

Bug Fixes

  • CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
  • dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
  • types: fix AxiosHeaders types; (#5931) (a1c8ad0)

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

Contributors to this release

1.5.1 (2023-09-26)

Bug Fixes

  • adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
  • formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917) (bc9af51)
  • headers: allow content-encoding header to handle case-insensitive values (#5890) (#5892) (4c89f25)
  • types: removed duplicated code (9e62056)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.5.0 (2023-08-26)

Bug Fixes

  • adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837) (9a414bb)
  • dns: fixed cacheable-lookup integration; (#5836) (b3e327d)
  • headers: added support for setting header names that overlap with class methods; (#5831) (d8b4ca0)
  • headers: fixed common Content-Type header merging; (#5832) (8fda276)

Features

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.4.0 (2023-04-27)

Bug Fixes

  • formdata: add multipart/form-data content type for FormData payload on custom client environments; (#5678) (bbb61e7)
  • package: export package internals with unsafe path prefix; (#5677) (df38c94)

Features

  • dns: added support for a custom lookup function; (#5339) (2701911)
  • types: export AxiosHeaderValue type. (#5525) (726f1c8)

Performance Improvements

  • merge-config: optimize mergeConfig performance by avoiding duplicate key visits; (#5679) (e6f7053)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.6 (2023-04-19)

Bug Fixes

  • types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
  • utils: make isFormData detection logic stricter to avoid unnecessary calling of the toString method on the target; (#5661) (aa372f7)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.5 (2023-04-05)

Bug Fixes

  • headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
  • params: re-added the ability to set the function as paramsSerializer config; (#5633) (a56c866)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.4 (2023-02-22)

Bug Fixes

  • blob: added a check to make sure the Blob class is available in the browser's global scope; (#5548) (3772c8f)
  • http: fixed regression bug when handling synchronous errors inside the adapter; (#5564) (a3b246c)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.3 (2023-02-13)

Bug Fixes

  • formdata: added a check to make sure the FormData class is available in the browser's global scope; (#5545) (a6dfa72)
  • formdata: fixed setting NaN as Content-Length for form payload in some cases; (#5535) (c19f7bf)
  • headers: fixed the filtering logic of the clear method; (#5542) (ea87ebf)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.2 (2023-02-03)

Bug Fixes

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.1 (2023-02-01)

Bug Fixes

  • formdata: add hotfix to use the asynchronous API to compute the content-length header value; (#5521) (96d336f)
  • serializer: fixed serialization of array-like objects; (#5518) (08104c0)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.3.0 (2023-01-31)

Bug Fixes

Features

  • fomdata: added support for spec-compliant FormData & Blob types; (#5316) (6ac574e)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.2.6 (2023-01-28)

Bug Fixes

  • headers: added missed Authorization accessor; (#5502) (342c0ba)
  • types: fixed CommonRequestHeadersList & CommonResponseHeadersList types to be private in commonJS; (#5503) (5a3d0a3)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.2.5 (2023-01-26)

Bug Fixes

  • types: fixed AxiosHeaders to handle spread syntax by making all methods non-enumerable; (#5499) (580f1e8)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.2.4 (2023-01-22)

Bug Fixes

  • types: renamed RawAxiosRequestConfig back to AxiosRequestConfig; (#5486) (2a71f49)
  • types: fix AxiosRequestConfig generic; (#5478) (9bce81b)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

1.2.3 (2023-01-10)

Bug Fixes

  • types: fixed AxiosRequestConfig header interface by refactoring it to RawAxiosRequestConfig; (#5420) (0811963)

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.2.2] - 2022-12-29

Fixed

  • fix(ci): fix release script inputs #5392
  • fix(ci): prerelease scipts #5377
  • fix(ci): release scripts #5376
  • fix(ci): typescript tests #5375
  • fix: Brotli decompression #5353
  • fix: add missing HttpStatusCode #5345

Chores

  • chore(ci): set conventional-changelog header config #5406
  • chore(ci): fix automatic contributors resolving #5403
  • chore(ci): improved logging for the contributors list generator #5398
  • chore(ci): fix release action #5397
  • chore(ci): fix version bump script by adding bump argument for target version #5393
  • chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 #5342
  • chore(ci): GitHub Actions Release script #5384
  • chore(ci): release scripts #5364

Contributors to this release

[1.2.1] - 2022-12-05

Changed

  • feat(exports): export mergeConfig #5151

Fixed

  • fix(CancelledError): include config #4922
  • fix(general): removing multiple/trailing/leading whitespace #5022
  • fix(headers): decompression for responses without Content-Length header #5306
  • fix(webWorker): exception to sending form data in web worker #5139

Refactors

  • refactor(types): AxiosProgressEvent.event type to any #5308
  • refactor(types): add missing types for static AxiosError.from method #4956

Chores

  • chore(docs): remove README link to non-existent upgrade guide #5307
  • chore(docs): typo in issue template name #5159

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.2.0] - 2022-11-10

Changed

  • changed: refactored module exports #5162
  • change: re-added support for loading Axios with require('axios').default #5225

Fixed

  • fix: improve AxiosHeaders class #5224
  • fix: TypeScript type definitions for commonjs #5196
  • fix: type definition of use method on AxiosInterceptorManager to match the the README #5071
  • fix: __dirname is not defined in the sandbox #5269
  • fix: AxiosError.toJSON method to avoid circular references #5247
  • fix: Z_BUF_ERROR when content-encoding is set but the response body is empty #5250

Refactors

  • refactor: allowing adapters to be loaded by name #5277

Chores

  • chore: force CI restart #5243
  • chore: update ECOSYSTEM.md #5077
  • chore: update get/index.html #5116
  • chore: update Sandbox UI/UX #5205
  • chore:(actions): remove git credentials after checkout #5235
  • chore(actions): bump actions/dependency-review-action from 2 to 3 #5266
  • chore(packages): bump loader-utils from 1.4.1 to 1.4.2 #5295
  • chore(packages): bump engine.io from 6.2.0 to 6.2.1 #5294
  • chore(packages): bump socket.io-parser from 4.0.4 to 4.0.5 #5241
  • chore(packages): bump loader-utils from 1.4.0 to 1.4.1 #5245
  • chore(docs): update Resources links in README #5119
  • chore(docs): update the link for JSON url #5265
  • chore(docs): fix broken links #5218
  • chore(docs): update and rename UPGRADE_GUIDE.md to MIGRATION_GUIDE.md #5170
  • chore(docs): typo fix line #856 and #920 #5194
  • chore(docs): typo fix #800 #5193
  • chore(docs): fix typos #5184
  • chore(docs): fix punctuation in README.md #5197
  • chore(docs): update readme in the Handling Errors section - issue reference #5260 #5261
  • chore: remove \b from filename #5207
  • chore(docs): update CHANGELOG.md #5137
  • chore: add sideEffects false to package.json #5025

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.1.3] - 2022-10-15

Added

  • Added custom params serializer support #5113

Fixed

  • Fixed top-level export to keep them in-line with static properties #5109
  • Stopped including null values to query string. #5108
  • Restored proxy config backwards compatibility with 0.x #5097
  • Added back AxiosHeaders in AxiosHeaderValue #5103
  • Pin CDN install instructions to a specific version #5060
  • Handling of array values fixed for AxiosHeaders #5085

Chores

  • docs: match badge style, add link to them #5046
  • chore: fixing comments typo #5054
  • chore: update issue template #5061
  • chore: added progress capturing section to the docs; #5084

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.1.2] - 2022-10-07

Fixed

  • Fixed broken exports for UMD builds.

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.1.1] - 2022-10-07

Fixed

  • Fixed broken exports for common js. This fix breaks a prior fix, I will fix both issues ASAP but the commonJS use is more impactful.

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.1.0] - 2022-10-06

Fixed

  • Fixed missing exports in type definition index.d.ts #5003
  • Fixed query params composing #5018
  • Fixed GenericAbortSignal interface by making it more generic #5021
  • Fixed adding "clear" to AxiosInterceptorManager #5010
  • Fixed commonjs & umd exports #5030
  • Fixed inability to access response headers when using axios 1.x with Jest #5036

Contributors to this release

PRs

  • CVE 2023 45857 ( #6028 )

⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459

[1.0.0] - 2022-10-04

Added

  • Added stack trace to AxiosError #4624
  • Add AxiosError to AxiosStatic #4654
  • Replaced Rollup as our build runner #4596
  • Added generic TS types for the exposed toFormData helper #4668
  • Added listen callback function #4096
  • Added instructions for installing using PNPM #4207
  • Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill #4229
  • Added axios-url-template in ECOSYSTEM.md #4238
  • Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an axios instance #4248
  • Added react hook plugin #4319
  • Adding HTTP status code for transformResponse #4580
  • Added blob to the list of protocols supported by the browser #4678
  • Resolving proxy from env on redirect #4436
  • Added enhanced toFormData implementation with additional options 4704
  • Adding Canceler parameters config and request #4711
  • Added automatic payload serialization to application/x-www-form-urlencoded #4714
  • Added the ability for webpack users to overwrite built-ins #4715
  • Added string[] to AxiosRequestHeaders type #4322
  • Added the ability for the url-encoded-form serializer to respect the formSerializer config #4721
  • Added isCancel type assert #4293
  • Added data URL support for node.js #4725
  • Adding types for progress event callbacks #4675
  • URL params serializer #4734
  • Added axios.formToJSON method #4735
  • Bower platform add data protocol #4804
  • Use WHATWG URL API instead of url.parse() #4852
  • Add ENUM containing Http Status Codes to typings #4903
  • Improve typing of timeout in index.d.ts #4934

Changed

  • Updated AxiosError.config to be optional in the type definition #4665
  • Updated README emphasizing the URLSearchParam built-in interface over other solutions #4590
  • Include request and config when creating a CanceledError instance #4659
  • Changed func-names eslint rule to as-needed #4492
  • Replacing deprecated substr() with slice() as substr() is deprecated #4468
  • Updating HTTP links in README.md to use HTTPS #4387
  • Updated to a better trim() polyfill #4072
  • Updated types to allow specifying partial default headers on instance create #4185
  • Expanded isAxiosError types #4344
  • Updated type definition for axios instance methods #4224
  • Updated eslint config #4722
  • Updated Docs #4742
  • Refactored Axios to use ES2017 #4787

Deprecated

  • There are multiple deprecations, refactors and fixes provided in this release. Please read through the full release notes to see how this may impact your project and use case.

Removed

  • Removed incorrect argument for NetworkError constructor #4656
  • Removed Webpack #4596
  • Removed function that transform arguments to array #4544

Fixed

  • Fixed grammar in README #4649
  • Fixed code error in README #4599
  • Optimized the code that checks cancellation #4587
  • Fix url pointing to defaults.js in README #4532
  • Use type alias instead of interface for AxiosPromise #4505
  • Fix some word spelling and lint style in code comments #4500
  • Edited readme with 3 updated browser icons of Chrome, FireFox and Safari #4414
  • Bump follow-redirects from 1.14.9 to 1.15.0 #4673
  • Fixing http tests to avoid hanging when assertions fail #4435
  • Fix TS definition for AxiosRequestTransformer #4201
  • Fix grammatical issues in README #4232
  • Fixing instance.defaults.headers type #4557
  • Fixed race condition on immediate requests cancellation #4261
  • Fixing Z_BUF_ERROR when no content #4701
  • Fixing proxy beforeRedirect regression #4708
  • Fixed AxiosError status code type #4717
  • Fixed AxiosError stack capturing #4718
  • Fixing AxiosRequestHeaders typings #4334
  • Fixed max body length defaults #4731
  • Fixed toFormData Blob issue on node>v17 #4728
  • Bump grunt from 1.5.2 to 1.5.3 #4743
  • Fixing content-type header repeated #4745
  • Fixed timeout error message for http 4738
  • Request ignores false, 0 and empty string as body values #4785
  • Added back missing minified builds #4805
  • Fixed a type error #4815
  • Fixed a regression bug with unsubscribing from cancel token; #4819
  • Remove repeated compression algorithm #4820
  • The error of calling extend to pass parameters #4857
  • SerializerOptions.indexes allows boolean | null | undefined #4862
  • Require interceptors to return values #4874
  • Removed unused imports #4949
  • Allow null indexes on formSerializer and paramsSerializer #4960

Chores

  • Set permissions for GitHub actions #4765
  • Included githubactions in the dependabot config #4770
  • Included dependency review #4771
  • Update security.md #4784
  • Remove unnecessary spaces #4854
  • Simplify the import path of AxiosError #4875
  • Fix Gitpod dead link #4941
  • Enable syntax highlighting for a code block #4970
  • Using Logo Axios in Readme.md #4993
  • Fix markup for note in README #4825
  • Fix typo and formatting, add colons #4853
  • Fix typo in readme #4942

Security

  • Update SECURITY.md #4687

Contributors to this release