mirrors/axios
2
0
Fork 0
mirror of https://github.com/tenrok/axios.git synced 2026-05-15 11:59:42 +03:00
Code Activity
1,822 Commits 2 Branches 0 Tags
v1.x
Commit Graph

1822 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jay 28c721588c fix: Denial of Service via __proto__ Key in mergeConfig (#7369) 
* fix: sec issue as per advisory

* chore: expand and add tests
 2026-02-04 20:25:06 +02:00
Sachin 04cf01969e docs: clarify object check comment (#7323) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2026-02-04 19:21:44 +02:00
Willian Agostini 696fa753c5 fix: status is missing in AxiosError on and after v1.13.3 (#7368) 
* test: add error handling tests for fetch and http adapters with status code

* fix: improve error handling in fetch adapter by including request and response in AxiosError

* fix: skip fetch test if fetch is not supported

* Update lib/adapters/fetch.js

Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>

* fix: improve error handling in fetch adapter by using the correct request object

---------

Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
 2026-02-04 09:47:12 +02:00
Willian Agostini 569f028a58 fix: added a option to choose between legacy and the new request/response interceptor ordering 
* test: add request interceptor tests for legacy and ordered execution

* feat: add legacy interceptor request/response ordering option

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2026-01-30 08:12:04 +02:00
dependabot[bot] 44b7c9f0c4 chore(deps-dev): bump karma-sourcemap-loader (#7360) 
Bumps the development_dependencies group with 1 update in the / directory: [karma-sourcemap-loader](https://github.com/demerzel3/karma-sourcemap-loader).


Updates `karma-sourcemap-loader` from 0.3.8 to 0.4.0
- [Changelog](https://github.com/demerzel3/karma-sourcemap-loader/blob/master/CHANGELOG.md)
- [Commits](https://github.com/demerzel3/karma-sourcemap-loader/commits/0.4.0)

---
updated-dependencies:
- dependency-name: karma-sourcemap-loader
  dependency-version: 0.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: development_dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-29 20:40:52 +02:00
Jay 472c631e86 refactor: bump minors package versions (#7356) 
* refactor: bump minors package versions

* fix: dtslint

* fix: package install

* chore: remove dts

* chore: attempt to fix issues with 12 and 14

* chore: remove unneeded package

* chore: remove unneeded package

* chore: remove unneeded package

* chore: try to install on older version

* chore: remove build for 12

* fix: sponsors
 2026-01-29 20:34:43 +02:00
Jay 99d588dcea chore: fix issues with yml (#7355) 
* chore: fix issues with yml

* chore: fix issues with sponsor update yml
 2026-01-28 19:57:41 +02:00
github-actions[bot] 9336cf9a33 chore(release): prepare release 1.13.4 (#7353) 
* 1.13.4

* chore: codegen and some updates to workflows

* chore: add github token

Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: jasonsaayman <jasonsaayman@gmail.com>
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
 2026-01-27 20:13:03 +02:00
Jay ee90dfc28a fix: issues with version 1.13.3 (#7352) 2026-01-27 08:04:06 +02:00
Jason Saayman af4f6d960f fix: release branch yml 2026-01-26 20:07:47 +02:00
Jason Saayman 253e3ad06a fix: all merge configs 2026-01-26 20:05:43 +02:00
Jay 8ff6c19e2d refactor: ci and build (#7340) 
* chore: add mise

* chore: re-position ci

* chore: move sponsors script

* chore: fix yml

* chore: yml

* fix: yml

* fix: yml

* chore: tweak sponsor yml

* chore: implement security suggestion

* chore: update templates for issues and PRs and update all workflows

* fix: copilot feedback

* feat: always run CI

* fix: linked resources

* chore: cancel run if new run starts

* feat: generate release notes with copilot
 2026-01-25 18:17:31 +02:00
Jay ab06109b40 chore(release): v1.13.3 (#7335) 2026-01-20 19:47:13 +02:00
Jay 2d6ad5e48b revert(deps): bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) 
This reverts commit 25446920e3.
 2026-01-19 21:38:27 +02:00
github-actions[bot] cb49a6f84b chore(sponsor): update sponsor block (#7330) 
Co-authored-by: DigitalBrainJS <12586868+DigitalBrainJS@users.noreply.github.com>
 2026-01-19 20:27:52 +02:00
Copilot d8233d9e8e fix(types): restore AxiosError.cause type from unknown to Error (#7327) 
* Initial plan

* fix(types): restore AxiosError.cause type from unknown to Error

Co-authored-by: jasonsaayman <4814473+jasonsaayman@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jasonsaayman <4814473+jasonsaayman@users.noreply.github.com>
 2026-01-12 16:20:00 +02:00
Tackoil 5945e40bb1 fix(interceptor): handle the error in the same interceptor (#6269) 
* fix(interceptor): handle the error in the same interceptor

* fix(interceptor): pass the config and data in promise chain

* fix(interceptor): filter out unexpected config and data in promise chain

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2026-01-08 21:11:34 +02:00
Adam Hines 7373fbff24 fix: main field in package.json should correspond to cjs artifacts (#5756) 
When https://github.com/axios/axios/pull/4787 was implemented, the project was switched to `"type": "module"` and "./index.js" became an esm file instead of commonjs, however, the "main" entry in package.json still points to "index.js". As a result, consumers using this field may get unexpected behavior since the main field is supposed to be commonjs if the entry is provided.

Many consumers won't run into this as a practical problem (for example when just doing `const axios = require('axios').default` from inside of a cjs file in node) because the "exports" map takes precedence over the main/module fields, but tools that don't parse the object map when resolving still run into problems here.

The fix for this is to just point the "main" entry-point to the commonjs artifacts located at "./dist/node/index.cjs".

I also added a module entrypoint to improve compatability for the cases where the export map is not used (webpack 4 for example) since that would likely be reading the cjs "main" entrypoint now that main has switched back to cjs.

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 14:10:04 +02:00
Tibor Pilz 8d1271b49f fix(types): add handlers to AxiosInterceptorManager interface (#5551) 
* fix(types): add handlers to AxiosInterceptorManager interface

* fix: runwhen should be optional

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* chore: make handlers optional

* chore: optional handlers

---------

Co-authored-by: Tibor Pilz <tibor.pilz@iu.org>
Co-authored-by: Jay <jasonsaayman@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-12-30 13:58:26 +02:00
techcodie f8694341de docs: refresh CDN URLs and example JSON headers (#7236) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 13:30:43 +02:00
SANDESH LENDVE 46db3316ac doc: update deprecated var usage in documentation examples (#7246) 
* test(http): fix HTTPS protocol test by using local HTTPS server instead of external request

* docs: update var usage in documentation examples

* docs: updated var to const

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 13:16:52 +02:00
rohit miryala d6bbb3db86 docs: add async/await timeout handling example (#7250) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 13:14:19 +02:00
Ved Vadnere 3141c319c2 chore: remove unnecessary eslint-disable directive (#7283) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 13:11:30 +02:00
Akash Dhar Dubey 38be3b2e18 docs: add abort controller example (#7287) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 13:09:44 +02:00
Joseph Frazier bf3f63237c docs: fix typo in multipart/form-data README section (#7311) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 08:10:46 +02:00
dependabot[bot] 53aa420bb2 chore(deps): bump the production_dependencies group across 1 directory with 2 updates (#7231) 
Bumps the production_dependencies group with 2 updates in the / directory: [follow-redirects](https://github.com/follow-redirects/follow-redirects) and [form-data](https://github.com/form-data/form-data).


Updates `follow-redirects` from 1.15.6 to 1.15.11
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.6...v1.15.11)

Updates `form-data` from 4.0.4 to 4.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-version: 1.15.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production_dependencies
- dependency-name: form-data
  dependency-version: 4.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production_dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-30 08:07:33 +02:00
dependabot[bot] 25446920e3 chore(deps): bump peter-evans/create-pull-request (#7303) 
Bumps the github-actions group with 1 update: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `peter-evans/create-pull-request` from 7 to 8
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/v7...v8)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-30 08:07:11 +02:00
Lubos 9af869126b Add "API clients" section to Ecosystem (#7312) 
Moved the existing API client generators to their own section and added Hey API
 2025-12-23 10:14:39 +02:00
github-actions[bot] 21df8edc8a chore(sponsor): update sponsor block (#7308) 
Co-authored-by: DigitalBrainJS <12586868+DigitalBrainJS@users.noreply.github.com>
 2025-12-19 08:54:05 +02:00
Subhan Kumar Rai d7e6065346 fix(http2): Use port 443 for HTTPS connections by default. (#7256) 
Co-authored-by: Dmitriy Mozgovoy <robotshara@gmail.com>
 2025-12-19 02:22:38 +02:00
Akash Dhar Dubey 0bf4608d60 docs: add typescript example for custom instance (#7288) 
* docs: add abort controller example

* docs: add typescript example for custom instance

* Update server.js

* Delete examples/abort-controller/server.js

* Delete examples/abort-controller/index.html

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-09 10:57:25 +02:00
Jay a4230f5581 Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) 
This reverts commit 7d19335e43.
 2025-12-08 14:19:20 +02:00
Nandan Acharya e0a120620e test: add Node unit tests for toFormData and refactor buildURL to avoid param reassignment (#7272) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-08 08:22:30 +02:00
dependabot[bot] f7bdcd1b6c chore(deps-dev): bump tar-fs from 2.1.1 to 2.1.4 (#7244) 
Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 2.1.1 to 2.1.4.
- [Commits](https://github.com/mafintosh/tar-fs/compare/v2.1.1...v2.1.4)

---
updated-dependencies:
- dependency-name: tar-fs
  dependency-version: 2.1.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-08 08:03:45 +02:00
Rudransh 7d19335e43 fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) 
Co-authored-by: Rudransh Gupta <rudranshgupta@Rudranshs-MacBook-Pro.local>
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-06 10:45:54 +02:00
Nikunj Mochi ec9d94e9f8 feat: add Node.js coverage script using c8 (closes #7289) (#7294) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-06 10:37:24 +02:00
dependabot[bot] 7764844686 chore(deps): bump the github-actions group across 1 directory with 2 updates (#7282) 
Bumps the github-actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [ffurrer2/extract-release-notes](https://github.com/ffurrer2/extract-release-notes).


Updates `actions/checkout` from 5 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

Updates `ffurrer2/extract-release-notes` from 2 to 3
- [Release notes](https://github.com/ffurrer2/extract-release-notes/releases)
- [Changelog](https://github.com/ffurrer2/extract-release-notes/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ffurrer2/extract-release-notes/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: ffurrer2/extract-release-notes
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-06 10:14:04 +02:00
dependabot[bot] 5c7a5cced2 chore(deps-dev): bump js-yaml from 3.14.1 to 3.14.2 (#7296) 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 3.14.2.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-06 10:02:25 +02:00
dependabot[bot] 2979a9414b chore(deps-dev): bump node-forge from 1.3.1 to 1.3.3 (#7293) 
Bumps [node-forge](https://github.com/digitalbazaar/forge) from 1.3.1 to 1.3.3.
- [Changelog](https://github.com/digitalbazaar/forge/blob/main/CHANGELOG.md)
- [Commits](https://github.com/digitalbazaar/forge/compare/v1.3.1...v1.3.3)

---
updated-dependencies:
- dependency-name: node-forge
  dependency-version: 1.3.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-06 09:47:38 +02:00
Anchal Singh 88d7884254 feat: enhance pipeFileToResponse with error handling (#7169) 
* Enhance pipeFileToResponse with error handling

Added error handling for file streaming in pipeFileToResponse function.

* Security: Fix path traversal vulnerability in pipeFileToResponse with input validation and error handling

Security: Enhance file streaming with comprehensive path validation

- Add path traversal protection in pipeFileToResponse function
- Implement input validation to prevent directory traversal attacks
- Improve error handling for file read operations with proper status codes
- Ensure resolved paths stay within intended directory boundaries
- Add security checks using path.resolve() and startsWith() methods
- Fix CodeQL "Uncontrolled data in path expression" vulnerability
- Maintain backward compatibility while enhancing security

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-12-05 09:12:15 +02:00
github-actions[bot] 86b2423597 chore(sponsor): update sponsor block (#7285) 
Co-authored-by: DigitalBrainJS <12586868+DigitalBrainJS@users.noreply.github.com>
 2025-12-05 09:08:26 +02:00
KT0803 8092aee724 chore: remove TODO comment and dead code from http adapter error handler (#7229) 
Remove commented-out code marked with @todo remove in the request error
handler. The code was already disabled and no longer needed.
 2025-11-18 08:40:53 +02:00
Turadg Aleahmad 860e03396a feat: compatibility with frozen prototypes (#6265) 
* fix(types): some JSDoc param defs

* fix: compatibility with HardenedJS

* Update lib/utils.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-14 14:26:43 +02:00
Justin Dhillon 4d06112452 style: turn '()=>' into '() =>' (#6324) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-12 21:49:37 +02:00
svihpinc f73474d02c feat(types): Intellisense for string literals in a widened union (#6134) 
- see: https://github.com/microsoft/TypeScript/issues/33471#issuecomment-1376364329

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-12 21:17:57 +02:00
Justin Dhillon d5b76d4af7 style: get rid of redundency in imports (#6315) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-12 21:11:56 +02:00
Gabriel Quaresma 6ef867e684 fix: unclear error message is thrown when specifying an empty proxy authorization (#6314) 
* fix: add AxiosError to Invalid proxy authorization

* fix: minor update

* Update test/unit/adapters/http.js

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* chore: remove redundant check

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* chore: code style

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* chore: style

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* chore: correct assert

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

---------

Co-authored-by: João Gabriel Quaresma de Almeida <joaoGabriel55>
Co-authored-by: Jay <jasonsaayman@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-12 21:04:39 +02:00
JohnTitor 15bf9563f6 test: correct relationship between filename and test codes (#6155) 
Co-authored-by: zhangh-cs <zhangh-cs@glodon.com>
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-12 08:16:59 +02:00
Wilson Mun 65a7584eda feat: add automatic minor and patch upgrades to dependabot (#6053) 
* feat: add automatic minor and patch upgrades for npm packages used in axios

* feat: bump up pr limit to 5 for dependency upgrades

---------

Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-11 20:55:10 +02:00
Jake Hayes d6682b2035 chore: add options object to docstring so IDE's indicate it's available (#5999) 
Co-authored-by: Jay <jasonsaayman@gmail.com>
 2025-11-11 20:51:46 +02:00