58 KiB
58 KiB
Changelog
1.7.4 (2024-08-13)
Bug Fixes
- sec: CVE-2024-39338 (#6539) (#6543) (6b6b605)
- sec: disregard protocol-relative URL to remediate SSRF (#6539) (07a661a)
Contributors to this release
1.7.3 (2024-08-01)
Bug Fixes
- adapter: fix progress event emitting; (#6518) (e3c76fc)
- fetch: fix withCredentials request config (#6505) (85d4d0e)
- xhr: return original config on errors from XHR adapter (#6515) (8966ee7)
Contributors to this release
1.7.2 (2024-05-21)
Bug Fixes
Contributors to this release
1.7.1 (2024-05-20)
Bug Fixes
- fetch: fixed ReferenceError issue when TextEncoder is not available in the environment; (#6410) (733f15f)
Contributors to this release
1.7.0 (2024-05-19)
Features
Bug Fixes
Contributors to this release
1.7.0-beta.2 (2024-05-19)
Bug Fixes
- fetch: capitalize HTTP method names; (#6395) (ad3174a)
- fetch: fix & optimize progress capturing for cases when the request data has a nullish value or zero data length (#6400) (95a3e8e)
- fetch: fix headers getting from a stream response; (#6401) (870e0a7)
Contributors to this release
1.7.0-beta.1 (2024-05-07)
Bug Fixes
- core/axios: handle un-writable error stack (#6362) (81e0455)
- fetch: fix cases when ReadableStream or Response.body are not available; (#6377) (d1d359d)
- fetch: treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; (#6380) (bb5f9a5)
Contributors to this release
1.7.0-beta.0 (2024-04-28)
Features
Contributors to this release
1.6.8 (2024-03-15)
Bug Fixes
- AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243) (2656612)
- import: use named export for EventEmitter; (7320430)
- vulnerability: update follow-redirects to 1.15.6 (#6300) (8786e0f)
Contributors to this release
1.6.7 (2024-01-25)
Bug Fixes
Contributors to this release
1.6.6 (2024-01-24)
Bug Fixes
- fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
- wrap errors to improve async stack trace (#5987) (123f354)
Contributors to this release
1.6.5 (2024-01-05)
Bug Fixes
- ci: refactor notify action as a job of publish action; (#6176) (0736f95)
- dns: fixed lookup error handling; (#6175) (f4f2b03)
Contributors to this release
1.6.4 (2024-01-03)
Bug Fixes
- security: fixed formToJSON prototype pollution vulnerability; (#6167) (3c0c11c)
- security: fixed security vulnerability in follow-redirects (#6163) (75af1cd)
Contributors to this release
1.6.3 (2023-12-26)
Bug Fixes
Contributors to this release
1.6.2 (2023-11-14)
Features
- withXSRFToken: added withXSRFToken option as a workaround to achieve the old
withCredentials
behavior; (#6046) (cff9967)
PRs
- feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
Contributors to this release
1.6.1 (2023-11-08)
Bug Fixes
- formdata: fixed content-type header normalization for non-standard browser environments; (#6056) (dd465ab)
- platform: fixed emulated browser detection in node.js environment; (#6055) (3dc8369)
Contributors to this release
PRs
- feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
1.6.0 (2023-10-26)
Bug Fixes
- CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028) (96ee232)
- dns: fixed lookup function decorator to work properly in node v20; (#6011) (5aaff53)
- types: fix AxiosHeaders types; (#5931) (a1c8ad0)
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release
1.5.1 (2023-09-26)
Bug Fixes
- adapters: improved adapters loading logic to have clear error messages; (#5919) (e410779)
- formdata: fixed automatic addition of the
Content-Type
header for FormData in non-browser environments; (#5917) (bc9af51) - headers: allow
content-encoding
header to handle case-insensitive values (#5890) (#5892) (4c89f25) - types: removed duplicated code (9e62056)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.5.0 (2023-08-26)
Bug Fixes
- adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837) (9a414bb)
- dns: fixed
cacheable-lookup
integration; (#5836) (b3e327d) - headers: added support for setting header names that overlap with class methods; (#5831) (d8b4ca0)
- headers: fixed common Content-Type header merging; (#5832) (8fda276)
Features
- export getAdapter function (#5324) (ca73eb8)
- export: export adapters without
unsafe
prefix (#5839) (1601f4a)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.4.0 (2023-04-27)
Bug Fixes
- formdata: add
multipart/form-data
content type for FormData payload on custom client environments; (#5678) (bbb61e7) - package: export package internals with unsafe path prefix; (#5677) (df38c94)
Features
- dns: added support for a custom lookup function; (#5339) (2701911)
- types: export
AxiosHeaderValue
type. (#5525) (726f1c8)
Performance Improvements
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.6 (2023-04-19)
Bug Fixes
- types: added transport to RawAxiosRequestConfig (#5445) (6f360a2)
- utils: make isFormData detection logic stricter to avoid unnecessary calling of the
toString
method on the target; (#5661) (aa372f7)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.5 (2023-04-05)
Bug Fixes
- headers: fixed isValidHeaderName to support full list of allowed characters; (#5584) (e7decef)
- params: re-added the ability to set the function as
paramsSerializer
config; (#5633) (a56c866)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.4 (2023-02-22)
Bug Fixes
- blob: added a check to make sure the Blob class is available in the browser's global scope; (#5548) (3772c8f)
- http: fixed regression bug when handling synchronous errors inside the adapter; (#5564) (a3b246c)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.3 (2023-02-13)
Bug Fixes
- formdata: added a check to make sure the FormData class is available in the browser's global scope; (#5545) (a6dfa72)
- formdata: fixed setting NaN as Content-Length for form payload in some cases; (#5535) (c19f7bf)
- headers: fixed the filtering logic of the clear method; (#5542) (ea87ebf)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.2 (2023-02-03)
Bug Fixes
- http: treat http://localhost as base URL for relative paths to avoid
ERR_INVALID_URL
error; (#5528) (128d56f) - http: use explicit import instead of TextEncoder global; (#5530) (6b3c305)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.1 (2023-02-01)
Bug Fixes
- formdata: add hotfix to use the asynchronous API to compute the content-length header value; (#5521) (96d336f)
- serializer: fixed serialization of array-like objects; (#5518) (08104c0)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.3.0 (2023-01-31)
Bug Fixes
- headers: fixed & optimized clear method; (#5507) (9915635)
- http: add zlib headers if missing (#5497) (65e8d1e)
Features
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.2.6 (2023-01-28)
Bug Fixes
- headers: added missed Authorization accessor; (#5502) (342c0ba)
- types: fixed
CommonRequestHeadersList
&CommonResponseHeadersList
types to be private in commonJS; (#5503) (5a3d0a3)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.2.5 (2023-01-26)
Bug Fixes
- types: fixed AxiosHeaders to handle spread syntax by making all methods non-enumerable; (#5499) (580f1e8)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.2.4 (2023-01-22)
Bug Fixes
- types: renamed
RawAxiosRequestConfig
back toAxiosRequestConfig
; (#5486) (2a71f49) - types: fix
AxiosRequestConfig
generic; (#5478) (9bce81b)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
1.2.3 (2023-01-10)
Bug Fixes
- types: fixed AxiosRequestConfig header interface by refactoring it to RawAxiosRequestConfig; (#5420) (0811963)
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.2.2] - 2022-12-29
Fixed
- fix(ci): fix release script inputs #5392
- fix(ci): prerelease scipts #5377
- fix(ci): release scripts #5376
- fix(ci): typescript tests #5375
- fix: Brotli decompression #5353
- fix: add missing HttpStatusCode #5345
Chores
- chore(ci): set conventional-changelog header config #5406
- chore(ci): fix automatic contributors resolving #5403
- chore(ci): improved logging for the contributors list generator #5398
- chore(ci): fix release action #5397
- chore(ci): fix version bump script by adding bump argument for target version #5393
- chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 #5342
- chore(ci): GitHub Actions Release script #5384
- chore(ci): release scripts #5364
Contributors to this release
[1.2.1] - 2022-12-05
Changed
- feat(exports): export mergeConfig #5151
Fixed
- fix(CancelledError): include config #4922
- fix(general): removing multiple/trailing/leading whitespace #5022
- fix(headers): decompression for responses without Content-Length header #5306
- fix(webWorker): exception to sending form data in web worker #5139
Refactors
- refactor(types): AxiosProgressEvent.event type to any #5308
- refactor(types): add missing types for static AxiosError.from method #4956
Chores
- chore(docs): remove README link to non-existent upgrade guide #5307
- chore(docs): typo in issue template name #5159
Contributors to this release
- Dmitriy Mozgovoy
- Zachary Lysobey
- Kevin Ennis
- Philipp Loose
- secondl1ght
- wenzheng
- Ivan Barsukov
- Arthur Fiorette
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.2.0] - 2022-11-10
Changed
- changed: refactored module exports #5162
- change: re-added support for loading Axios with require('axios').default #5225
Fixed
- fix: improve AxiosHeaders class #5224
- fix: TypeScript type definitions for commonjs #5196
- fix: type definition of use method on AxiosInterceptorManager to match the the README #5071
- fix: __dirname is not defined in the sandbox #5269
- fix: AxiosError.toJSON method to avoid circular references #5247
- fix: Z_BUF_ERROR when content-encoding is set but the response body is empty #5250
Refactors
- refactor: allowing adapters to be loaded by name #5277
Chores
- chore: force CI restart #5243
- chore: update ECOSYSTEM.md #5077
- chore: update get/index.html #5116
- chore: update Sandbox UI/UX #5205
- chore:(actions): remove git credentials after checkout #5235
- chore(actions): bump actions/dependency-review-action from 2 to 3 #5266
- chore(packages): bump loader-utils from 1.4.1 to 1.4.2 #5295
- chore(packages): bump engine.io from 6.2.0 to 6.2.1 #5294
- chore(packages): bump socket.io-parser from 4.0.4 to 4.0.5 #5241
- chore(packages): bump loader-utils from 1.4.0 to 1.4.1 #5245
- chore(docs): update Resources links in README #5119
- chore(docs): update the link for JSON url #5265
- chore(docs): fix broken links #5218
- chore(docs): update and rename UPGRADE_GUIDE.md to MIGRATION_GUIDE.md #5170
- chore(docs): typo fix line #856 and #920 #5194
- chore(docs): typo fix #800 #5193
- chore(docs): fix typos #5184
- chore(docs): fix punctuation in README.md #5197
- chore(docs): update readme in the Handling Errors section - issue reference #5260 #5261
- chore: remove \b from filename #5207
- chore(docs): update CHANGELOG.md #5137
- chore: add sideEffects false to package.json #5025
Contributors to this release
- Maddy Miller
- Amit Saini
- ecyrbe
- Ikko Ashimine
- Geeth Gunnampalli
- Shreem Asati
- Frieder Bluemle
- 윤세영
- Claudio Busatto
- Remco Haszing
- Dmitriy Mozgovoy
- Csaba Maulis
- MoPaMo
- Daniel Fjeldstad
- Adrien Brunet
- Frazer Smith
- HaiTao
- AZM
- relbns
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.1.3] - 2022-10-15
Added
- Added custom params serializer support #5113
Fixed
- Fixed top-level export to keep them in-line with static properties #5109
- Stopped including null values to query string. #5108
- Restored proxy config backwards compatibility with 0.x #5097
- Added back AxiosHeaders in AxiosHeaderValue #5103
- Pin CDN install instructions to a specific version #5060
- Handling of array values fixed for AxiosHeaders #5085
Chores
- docs: match badge style, add link to them #5046
- chore: fixing comments typo #5054
- chore: update issue template #5061
- chore: added progress capturing section to the docs; #5084
Contributors to this release
- Jason Saayman
- scarf
- Lenz Weber-Tronic
- Arvindh
- Félix Legrelle
- Patrick Petrovic
- Dmitriy Mozgovoy
- littledian
- ChronosMasterOfAllTime
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.1.2] - 2022-10-07
Fixed
- Fixed broken exports for UMD builds.
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.1.1] - 2022-10-07
Fixed
- Fixed broken exports for common js. This fix breaks a prior fix, I will fix both issues ASAP but the commonJS use is more impactful.
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.1.0] - 2022-10-06
Fixed
- Fixed missing exports in type definition index.d.ts #5003
- Fixed query params composing #5018
- Fixed GenericAbortSignal interface by making it more generic #5021
- Fixed adding "clear" to AxiosInterceptorManager #5010
- Fixed commonjs & umd exports #5030
- Fixed inability to access response headers when using axios 1.x with Jest #5036
Contributors to this release
PRs
- CVE 2023 45857 ( #6028 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
[1.0.0] - 2022-10-04
Added
- Added stack trace to AxiosError #4624
- Add AxiosError to AxiosStatic #4654
- Replaced Rollup as our build runner #4596
- Added generic TS types for the exposed toFormData helper #4668
- Added listen callback function #4096
- Added instructions for installing using PNPM #4207
- Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill #4229
- Added axios-url-template in ECOSYSTEM.md #4238
- Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an axios instance #4248
- Added react hook plugin #4319
- Adding HTTP status code for transformResponse #4580
- Added blob to the list of protocols supported by the browser #4678
- Resolving proxy from env on redirect #4436
- Added enhanced toFormData implementation with additional options 4704
- Adding Canceler parameters config and request #4711
- Added automatic payload serialization to application/x-www-form-urlencoded #4714
- Added the ability for webpack users to overwrite built-ins #4715
- Added string[] to AxiosRequestHeaders type #4322
- Added the ability for the url-encoded-form serializer to respect the formSerializer config #4721
- Added isCancel type assert #4293
- Added data URL support for node.js #4725
- Adding types for progress event callbacks #4675
- URL params serializer #4734
- Added axios.formToJSON method #4735
- Bower platform add data protocol #4804
- Use WHATWG URL API instead of url.parse() #4852
- Add ENUM containing Http Status Codes to typings #4903
- Improve typing of timeout in index.d.ts #4934
Changed
- Updated AxiosError.config to be optional in the type definition #4665
- Updated README emphasizing the URLSearchParam built-in interface over other solutions #4590
- Include request and config when creating a CanceledError instance #4659
- Changed func-names eslint rule to as-needed #4492
- Replacing deprecated substr() with slice() as substr() is deprecated #4468
- Updating HTTP links in README.md to use HTTPS #4387
- Updated to a better trim() polyfill #4072
- Updated types to allow specifying partial default headers on instance create #4185
- Expanded isAxiosError types #4344
- Updated type definition for axios instance methods #4224
- Updated eslint config #4722
- Updated Docs #4742
- Refactored Axios to use ES2017 #4787
Deprecated
- There are multiple deprecations, refactors and fixes provided in this release. Please read through the full release notes to see how this may impact your project and use case.
Removed
- Removed incorrect argument for NetworkError constructor #4656
- Removed Webpack #4596
- Removed function that transform arguments to array #4544
Fixed
- Fixed grammar in README #4649
- Fixed code error in README #4599
- Optimized the code that checks cancellation #4587
- Fix url pointing to defaults.js in README #4532
- Use type alias instead of interface for AxiosPromise #4505
- Fix some word spelling and lint style in code comments #4500
- Edited readme with 3 updated browser icons of Chrome, FireFox and Safari #4414
- Bump follow-redirects from 1.14.9 to 1.15.0 #4673
- Fixing http tests to avoid hanging when assertions fail #4435
- Fix TS definition for AxiosRequestTransformer #4201
- Fix grammatical issues in README #4232
- Fixing instance.defaults.headers type #4557
- Fixed race condition on immediate requests cancellation #4261
- Fixing Z_BUF_ERROR when no content #4701
- Fixing proxy beforeRedirect regression #4708
- Fixed AxiosError status code type #4717
- Fixed AxiosError stack capturing #4718
- Fixing AxiosRequestHeaders typings #4334
- Fixed max body length defaults #4731
- Fixed toFormData Blob issue on node>v17 #4728
- Bump grunt from 1.5.2 to 1.5.3 #4743
- Fixing content-type header repeated #4745
- Fixed timeout error message for http 4738
- Request ignores false, 0 and empty string as body values #4785
- Added back missing minified builds #4805
- Fixed a type error #4815
- Fixed a regression bug with unsubscribing from cancel token; #4819
- Remove repeated compression algorithm #4820
- The error of calling extend to pass parameters #4857
- SerializerOptions.indexes allows boolean | null | undefined #4862
- Require interceptors to return values #4874
- Removed unused imports #4949
- Allow null indexes on formSerializer and paramsSerializer #4960
Chores
- Set permissions for GitHub actions #4765
- Included githubactions in the dependabot config #4770
- Included dependency review #4771
- Update security.md #4784
- Remove unnecessary spaces #4854
- Simplify the import path of AxiosError #4875
- Fix Gitpod dead link #4941
- Enable syntax highlighting for a code block #4970
- Using Logo Axios in Readme.md #4993
- Fix markup for note in README #4825
- Fix typo and formatting, add colons #4853
- Fix typo in readme #4942
Security
- Update SECURITY.md #4687
Contributors to this release
- Bertrand Marron
- Dmitriy Mozgovoy
- Dan Mooney
- Michael Li
- aong
- Des Preston
- Ted Robertson
- zhoulixiang
- Arthur Fiorette
- Kumar Shanu
- JALAL
- Jingyi Lin
- Philipp Loose
- Alexander Shchukin
- Dave Cardwell
- Cat Scarlet
- Luca Pizzini
- Kai
- Maxime Bargiel
- Brian Helba
- reslear
- Jamie Slome
- Landro3
- rafw87
- Afzal Sayed
- Koki Oyatsu
- Dave
- 暴走老七
- Spencer
- Adrian Wieprzkowicz
- Jamie Telin
- 毛呆
- Kirill Shakirov
- Rraji Abdelbari
- Jelle Schutter
- Tom Ceuppens
- Johann Cooper
- Dimitris Halatsis
- chenjigeng
- João Gabriel Quaresma
- Victor Augusto
- neilnaveen
- Pavlos
- Kiryl Valkovich
- Naveen
- wenzheng
- hcwhan
- Bassel Rachid
- Grégoire Pineau
- felipedamin
- Karl Horky
- Yue JIN
- Usman Ali Siddiqui
- WD
- Günther Foidl
- Stephen Jennings
- C.T.Lin
- mia-z
- Parth Banathia
- parth0105pluang
- Marco Weber
- Luca Pizzini
- Willian Agostini
- Huyen Nguyen