diff --git a/.github/actions/check-public-api/index.js b/.github/actions/check-public-api/index.js index 49966cfe7c..9d283df362 100644 --- a/.github/actions/check-public-api/index.js +++ b/.github/actions/check-public-api/index.js @@ -10201,7 +10201,7 @@ module.exports = URIError; /***/ }), -/***/ 8300: +/***/ 7955: /***/ ((module) => { @@ -10222,7 +10222,7 @@ var GetIntrinsic = __nccwpck_require__(1893); var $defineProperty = GetIntrinsic('%Object.defineProperty%', true); var hasToStringTag = __nccwpck_require__(532)(); -var hasOwn = __nccwpck_require__(576); +var hasOwn = __nccwpck_require__(585); var $TypeError = __nccwpck_require__(7166); var toStringTag = hasToStringTag ? Symbol.toStringTag : null; @@ -13112,7 +13112,7 @@ var crypto = __nccwpck_require__(6982); var mime = __nccwpck_require__(2574); var asynckit = __nccwpck_require__(8915); var setToStringTag = __nccwpck_require__(8362); -var hasOwn = __nccwpck_require__(576); +var hasOwn = __nccwpck_require__(585); var populate = __nccwpck_require__(2260); /** @@ -13723,7 +13723,7 @@ module.exports = Function.prototype.bind || implementation; var undefined; -var $Object = __nccwpck_require__(8300); +var $Object = __nccwpck_require__(7955); var $Error = __nccwpck_require__(6621); var $EvalError = __nccwpck_require__(1247); @@ -13962,7 +13962,7 @@ var LEGACY_ALIASES = { }; var bind = __nccwpck_require__(7797); -var hasOwn = __nccwpck_require__(576); +var hasOwn = __nccwpck_require__(585); var $concat = bind.call($call, Array.prototype.concat); var $spliceApply = bind.call($apply, Array.prototype.splice); var $replace = bind.call($call, String.prototype.replace); @@ -14106,7 +14106,7 @@ module.exports = function GetIntrinsic(name, allowMissing) { -var $Object = __nccwpck_require__(8300); +var $Object = __nccwpck_require__(7955); /** @type {import('./Object.getPrototypeOf')} */ module.exports = $Object.getPrototypeOf || null; @@ -14344,7 +14344,7 @@ module.exports = function hasToStringTagShams() { /***/ }), -/***/ 576: +/***/ 585: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { @@ -68422,7 +68422,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) { Object.defineProperty(exports, "__esModule", ({ value: true })); exports.isValidUrl = isValidUrl; exports.checkUrlExists = checkUrlExists; -const axios_1 = __importDefault(__nccwpck_require__(1373)); +const axios_1 = __importDefault(__nccwpck_require__(6081)); /** * Checks whether a string is a valid URL. * @param url - String to check. @@ -69138,10 +69138,10 @@ globstar while`,t,d,e,u,m),this.matchOne(t.slice(d),e.slice(u),s))return this.de /***/ }), -/***/ 1373: +/***/ 6081: /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => { -/*! Axios v1.16.1 Copyright (c) 2026 Matt Zabriskie and contributors */ +/*! Axios v1.17.0 Copyright (c) 2026 Matt Zabriskie and contributors */ var FormData$1 = __nccwpck_require__(1515); @@ -69560,7 +69560,10 @@ function merge(...objs) { if (key === '__proto__' || key === 'constructor' || key === 'prototype') { return; } - const targetKey = caseless && findKey(result, key) || key; + + // findKey lowercases the key, so caseless lookup only applies to strings — + // symbol keys are identity-matched. + const targetKey = caseless && typeof key === 'string' && findKey(result, key) || key; // Read via own-prop only — a bare `result[targetKey]` walks the prototype // chain, so a polluted Object.prototype value could surface here and get // copied into the merged result. @@ -69576,7 +69579,21 @@ function merge(...objs) { } }; for (let i = 0, l = objs.length; i < l; i++) { - objs[i] && forEach(objs[i], assignValue); + const source = objs[i]; + if (!source || isBuffer(source)) { + continue; + } + forEach(source, assignValue); + if (typeof source !== 'object' || isArray(source)) { + continue; + } + const symbols = Object.getOwnPropertySymbols(source); + for (let j = 0; j < symbols.length; j++) { + const symbol = symbols[j]; + if (propertyIsEnumerable.call(source, symbol)) { + assignValue(source[symbol], symbol); + } + } } return result; } @@ -69793,6 +69810,9 @@ const toCamelCase = str => { const hasOwnProperty = (({ hasOwnProperty }) => (obj, prop) => hasOwnProperty.call(obj, prop))(Object.prototype); +const { + propertyIsEnumerable +} = Object.prototype; /** * Determine if a value is a RegExp object @@ -70177,7 +70197,7 @@ class AxiosHeaders { function setHeader(_value, _header, _rewrite) { const lHeader = normalizeHeader(_header); if (!lHeader) { - throw new Error('header name must be a non-empty string'); + return; } const key = utils$1.findKey(self, lHeader); if (!key || self[key] === undefined || _rewrite === true || _rewrite === undefined && self[key] !== false) { @@ -70195,7 +70215,7 @@ class AxiosHeaders { key; for (const entry of header) { if (!utils$1.isArray(entry)) { - throw TypeError('Object iterator must return a key-value pair'); + throw new TypeError('Object iterator must return a key-value pair'); } obj[key = entry[0]] = (dest = obj[key]) ? utils$1.isArray(dest) ? [...dest, entry[1]] : [dest, entry[1]] : entry[1]; } @@ -70673,7 +70693,7 @@ function toFormData(obj, formData, options) { throw new AxiosError('Object is too deeply nested (' + depth + ' levels). Max depth: ' + maxDepth, AxiosError.ERR_FORM_DATA_DEPTH_EXCEEDED); } if (stack.indexOf(value) !== -1) { - throw Error('Circular reference detected in ' + path.join('.')); + throw new Error('Circular reference detected in ' + path.join('.')); } stack.push(value); utils$1.forEach(value, function each(el, key) { @@ -70855,7 +70875,8 @@ var transitionalDefaults = { silentJSONParsing: true, forcedJSONParsing: true, clarifyTimeoutError: false, - legacyInterceptorReqResOrdering: true + legacyInterceptorReqResOrdering: true, + advertiseZstdAcceptEncoding: false }; var URLSearchParams = url.URLSearchParams; @@ -71356,7 +71377,7 @@ function getEnv(key) { return process.env[key.toLowerCase()] || process.env[key.toUpperCase()] || ''; } -const VERSION = "1.16.1"; +const VERSION = "1.17.0"; function parseProtocol(url) { const match = /^([-+\w]{1,25}):(?:\/\/)?/.exec(url); @@ -71595,10 +71616,10 @@ const formDataToStream = (form, headersHandler, options) => { boundary = tag + '-' + platform.generateString(size, BOUNDARY_ALPHABET) } = options || {}; if (!utils$1.isFormData(form)) { - throw TypeError('FormData instance required'); + throw new TypeError('FormData instance required'); } if (boundary.length < 1 || boundary.length > 70) { - throw Error('boundary must be 1-70 characters long'); + throw new Error('boundary must be 1-70 characters long'); } const boundaryBytes = textEncoder.encode('--' + boundary + CRLF); const footerBytes = textEncoder.encode('--' + boundary + '--' + CRLF); @@ -71648,6 +71669,84 @@ class ZlibHeaderTransformStream extends stream.Transform { } } +class Http2Sessions { + constructor() { + this.sessions = Object.create(null); + } + getSession(authority, options) { + options = Object.assign({ + sessionTimeout: 1000 + }, options); + let authoritySessions = this.sessions[authority]; + if (authoritySessions) { + let len = authoritySessions.length; + for (let i = 0; i < len; i++) { + const [sessionHandle, sessionOptions] = authoritySessions[i]; + if (!sessionHandle.destroyed && !sessionHandle.closed && util.isDeepStrictEqual(sessionOptions, options)) { + return sessionHandle; + } + } + } + const session = http2.connect(authority, options); + let removed; + let timer; + const removeSession = () => { + if (removed) { + return; + } + removed = true; + if (timer) { + clearTimeout(timer); + timer = null; + } + let entries = authoritySessions, + len = entries.length, + i = len; + while (i--) { + if (entries[i][0] === session) { + if (len === 1) { + delete this.sessions[authority]; + } else { + entries.splice(i, 1); + } + if (!session.closed) { + session.close(); + } + return; + } + } + }; + const originalRequestFn = session.request; + const { + sessionTimeout + } = options; + if (sessionTimeout != null) { + let streamsCount = 0; + session.request = function () { + const stream = originalRequestFn.apply(this, arguments); + streamsCount++; + if (timer) { + clearTimeout(timer); + timer = null; + } + stream.once('close', () => { + if (! --streamsCount) { + timer = setTimeout(() => { + timer = null; + removeSession(); + }, sessionTimeout); + } + }); + return stream; + }; + } + session.once('close', removeSession); + let entry = [session, options]; + authoritySessions ? authoritySessions.push(entry) : authoritySessions = this.sessions[authority] = [entry]; + return session; + } +} + const callbackify = (fn, reducer) => { return utils$1.isAsyncFn(fn) ? function (...args) { const cb = args.pop(); @@ -72013,7 +72112,14 @@ const brotliOptions = { flush: zlib.constants.BROTLI_OPERATION_FLUSH, finishFlush: zlib.constants.BROTLI_OPERATION_FLUSH }; +const zstdOptions = { + flush: zlib.constants.ZSTD_e_flush, + finishFlush: zlib.constants.ZSTD_e_flush +}; const isBrotliSupported = utils$1.isFunction(zlib.createBrotliDecompress); +const isZstdSupported = utils$1.isFunction(zlib.createZstdDecompress); +const ACCEPT_ENCODING = 'gzip, compress, deflate' + (isBrotliSupported ? ', br' : ''); +const ACCEPT_ENCODING_WITH_ZSTD = ACCEPT_ENCODING + (isZstdSupported ? ', zstd' : ''); const { http: httpFollow, https: httpsFollow @@ -72061,6 +72167,19 @@ function getTunnelingAgent(agentOptions, userHttpsAgent) { ...agentOptions } : agentOptions; agent = new HttpsProxyAgent(merged); + if (userHttpsAgent && userHttpsAgent.options) { + const originTLSOptions = { + ...userHttpsAgent.options + }; + const callback = agent.callback; + agent.callback = function axiosTunnelingAgentCallback(req, opts) { + // HttpsProxyAgent v5 reads callback opts for the post-CONNECT origin TLS upgrade. + return callback.call(this, req, { + ...originTLSOptions, + ...opts + }); + }; + } agent[kAxiosInstalledTunnel] = true; cache.set(key, agent); return agent; @@ -72073,7 +72192,7 @@ const supportedProtocols = platform.protocols.map(protocol => { // Decode before composing the `auth` option so credentials such as // `my%40email.com:pass` are sent as `my@email.com:pass`. Falls back to the // original value for malformed input so a bad encoding never throws. -const decodeURIComponentSafe = value => { +const decodeURIComponentSafe$1 = value => { if (!utils$1.isString(value)) { return value; } @@ -72087,84 +72206,11 @@ const flushOnFinish = (stream, [throttled, flush]) => { stream.on('end', flush).on('error', flush); return throttled; }; -class Http2Sessions { - constructor() { - this.sessions = Object.create(null); - } - getSession(authority, options) { - options = Object.assign({ - sessionTimeout: 1000 - }, options); - let authoritySessions = this.sessions[authority]; - if (authoritySessions) { - let len = authoritySessions.length; - for (let i = 0; i < len; i++) { - const [sessionHandle, sessionOptions] = authoritySessions[i]; - if (!sessionHandle.destroyed && !sessionHandle.closed && util.isDeepStrictEqual(sessionOptions, options)) { - return sessionHandle; - } - } - } - const session = http2.connect(authority, options); - let removed; - const removeSession = () => { - if (removed) { - return; - } - removed = true; - let entries = authoritySessions, - len = entries.length, - i = len; - while (i--) { - if (entries[i][0] === session) { - if (len === 1) { - delete this.sessions[authority]; - } else { - entries.splice(i, 1); - } - if (!session.closed) { - session.close(); - } - return; - } - } - }; - const originalRequestFn = session.request; - const { - sessionTimeout - } = options; - if (sessionTimeout != null) { - let timer; - let streamsCount = 0; - session.request = function () { - const stream = originalRequestFn.apply(this, arguments); - streamsCount++; - if (timer) { - clearTimeout(timer); - timer = null; - } - stream.once('close', () => { - if (! --streamsCount) { - timer = setTimeout(() => { - timer = null; - removeSession(); - }, sessionTimeout); - } - }); - return stream; - }; - } - session.once('close', removeSession); - let entry = [session, options]; - authoritySessions ? authoritySessions.push(entry) : authoritySessions = this.sessions[authority] = [entry]; - return session; - } -} const http2Sessions = new Http2Sessions(); /** - * If the proxy or config beforeRedirects functions are defined, call them with the options - * object. + * If the proxy, auth, or config beforeRedirects functions are defined, call them + * with the options object. * * @param {Object} options - The options object that was passed to the request. * @@ -72174,6 +72220,9 @@ function dispatchBeforeRedirect(options, responseDetails, requestDetails) { if (options.beforeRedirects.proxy) { options.beforeRedirects.proxy(options); } + if (options.beforeRedirects.auth) { + options.beforeRedirects.auth(options); + } if (options.beforeRedirects.config) { options.beforeRedirects.config(options, responseDetails, requestDetails); } @@ -72409,6 +72458,7 @@ const http2Transport = { var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { return wrapAsync(async function dispatchHttpRequest(resolve, reject, onDone) { const own = key => utils$1.hasOwnProp(config, key) ? config[key] : undefined; + const transitional = own('transitional') || transitionalDefaults; let data = own('data'); let lookup = own('lookup'); let family = own('family'); @@ -72448,7 +72498,7 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { try { abortEmitter.emit('abort', !reason || reason.type ? new CanceledError(null, config, req) : reason); } catch (err) { - console.warn('emit error', err); + // ignore emit errors } } function clearConnectPhaseTimer() { @@ -72459,7 +72509,6 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { } function createTimeoutError() { let timeoutErrorMessage = config.timeout ? 'timeout of ' + config.timeout + 'ms exceeded' : 'timeout exceeded'; - const transitional = config.transitional || transitionalDefaults; if (config.timeoutErrorMessage) { timeoutErrorMessage = config.timeoutErrorMessage; } @@ -72632,9 +72681,9 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { const password = configAuth.password || ''; auth = username + ':' + password; } - if (!auth && parsed.username) { - const urlUsername = decodeURIComponentSafe(parsed.username); - const urlPassword = decodeURIComponentSafe(parsed.password); + if (!auth && (parsed.username || parsed.password)) { + const urlUsername = decodeURIComponentSafe$1(parsed.username); + const urlPassword = decodeURIComponentSafe$1(parsed.password); auth = urlUsername + ':' + urlPassword; } auth && headers.delete('authorization'); @@ -72648,7 +72697,7 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { customErr.exists = true; return reject(customErr); } - headers.set('Accept-Encoding', 'gzip, compress, deflate' + (isBrotliSupported ? ', br' : ''), false); + headers.set('Accept-Encoding', utils$1.hasOwnProp(transitional, 'advertiseZstdAcceptEncoding') && transitional.advertiseZstdAcceptEncoding === true ? ACCEPT_ENCODING_WITH_ZSTD : ACCEPT_ENCODING, false); // Null-prototype to block prototype pollution gadgets on properties read // directly by Node's http.request (e.g. insecureHTTPParser, lookup). @@ -72670,19 +72719,21 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { // cacheable-lookup integration hotfix !utils$1.isUndefined(lookup) && (options.lookup = lookup); - if (config.socketPath) { - if (typeof config.socketPath !== 'string') { + const socketPath = own('socketPath'); + if (socketPath) { + if (typeof socketPath !== 'string') { return reject(new AxiosError('socketPath must be a string', AxiosError.ERR_BAD_OPTION_VALUE, config)); } - if (config.allowedSocketPaths != null) { - const allowed = Array.isArray(config.allowedSocketPaths) ? config.allowedSocketPaths : [config.allowedSocketPaths]; - const resolvedSocket = path.resolve(config.socketPath); + const allowedSocketPaths = own('allowedSocketPaths'); + if (allowedSocketPaths != null) { + const allowed = Array.isArray(allowedSocketPaths) ? allowedSocketPaths : [allowedSocketPaths]; + const resolvedSocket = path.resolve(socketPath); const isAllowed = allowed.some(entry => typeof entry === 'string' && path.resolve(entry) === resolvedSocket); if (!isAllowed) { - return reject(new AxiosError(`socketPath "${config.socketPath}" is not permitted by allowedSocketPaths`, AxiosError.ERR_BAD_OPTION_VALUE, config)); + return reject(new AxiosError(`socketPath "${socketPath}" is not permitted by allowedSocketPaths`, AxiosError.ERR_BAD_OPTION_VALUE, config)); } } - options.socketPath = config.socketPath; + options.socketPath = socketPath; } else { options.hostname = parsed.hostname.startsWith('[') ? parsed.hostname.slice(1, -1) : parsed.hostname; options.port = parsed.port; @@ -72713,6 +72764,23 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { if (configBeforeRedirect) { options.beforeRedirects.config = configBeforeRedirect; } + if (auth) { + // Restore HTTP Basic credentials on same-origin redirects only. + // follow-redirects >= 1.15.8 strips Authorization on every redirect (see #6929); + // cross-origin stripping is the documented mitigation for T-R2 in THREATMODEL.md + // and is preserved by deliberately not restoring on origin change. + const requestOrigin = parsed.origin; + const authToRestore = auth; + options.beforeRedirects.auth = function beforeRedirectAuth(redirectOptions) { + try { + if (new URL(redirectOptions.href).origin === requestOrigin) { + redirectOptions.auth = authToRestore; + } + } catch (e) { + // ignore malformed URL: leaving auth stripped is fail-safe + } + }; + } transport = isHttpsRequest ? httpsFollow : httpFollow; } } @@ -72781,6 +72849,13 @@ var httpAdapter = isHttpAdapterSupported && function httpAdapter(config) { streams.push(zlib.createBrotliDecompress(brotliOptions)); delete res.headers['content-encoding']; } + break; + case 'zstd': + if (isZstdSupported) { + streams.push(zlib.createZstdDecompress(zstdOptions)); + delete res.headers['content-encoding']; + } + break; } } responseStream = streams.length > 1 ? stream.pipeline(streams, utils$1.noop) : streams[0]; @@ -73192,8 +73267,8 @@ function setFormDataHeaders(headers, formHeaders, policy) { * * @returns {string} UTF-8 bytes as a Latin-1 string */ -const encodeUTF8 = str => encodeURIComponent(str).replace(/%([0-9A-F]{2})/gi, (_, hex) => String.fromCharCode(parseInt(hex, 16))); -var resolveConfig = config => { +const encodeUTF8$1 = str => encodeURIComponent(str).replace(/%([0-9A-F]{2})/gi, (_, hex) => String.fromCharCode(parseInt(hex, 16))); +function resolveConfig(config) { const newConfig = mergeConfig({}, config); // Read only own properties to prevent prototype pollution gadgets @@ -73209,15 +73284,15 @@ var resolveConfig = config => { const allowAbsoluteUrls = own('allowAbsoluteUrls'); const url = own('url'); newConfig.headers = headers = AxiosHeaders.from(headers); - newConfig.url = buildURL(buildFullPath(baseURL, url, allowAbsoluteUrls), config.params, config.paramsSerializer); + newConfig.url = buildURL(buildFullPath(baseURL, url, allowAbsoluteUrls), own('params'), own('paramsSerializer')); // HTTP basic authentication if (auth) { - headers.set('Authorization', 'Basic ' + btoa((auth.username || '') + ':' + (auth.password ? encodeUTF8(auth.password) : ''))); + headers.set('Authorization', 'Basic ' + btoa((auth.username || '') + ':' + (auth.password ? encodeUTF8$1(auth.password) : ''))); } if (utils$1.isFormData(data)) { - if (platform.hasStandardBrowserEnv || platform.hasStandardBrowserWebWorkerEnv) { - headers.setContentType(undefined); // browser handles it + if (platform.hasStandardBrowserEnv || platform.hasStandardBrowserWebWorkerEnv || utils$1.isReactNative(data)) { + headers.setContentType(undefined); // browser/web worker/RN handles it } else if (utils$1.isFunction(data.getHeaders)) { // Node.js FormData (like form-data package) setFormDataHeaders(headers, data.getHeaders(), own('formDataHeaderPolicy')); @@ -73245,7 +73320,7 @@ var resolveConfig = config => { } } return newConfig; -}; +} const isXHRAdapterSupported = typeof XMLHttpRequest !== 'undefined'; var xhrAdapter = isXHRAdapterSupported && function (config) { @@ -73546,6 +73621,31 @@ const DEFAULT_CHUNK_SIZE = 64 * 1024; const { isFunction } = utils$1; + +/** + * Encode a UTF-8 string to a Latin-1 byte string for use with btoa(). + * This is a modern replacement for the deprecated unescape(encodeURIComponent(str)) pattern. + * + * @param {string} str The string to encode + * + * @returns {string} UTF-8 bytes as a Latin-1 string + */ +const encodeUTF8 = str => encodeURIComponent(str).replace(/%([0-9A-F]{2})/gi, (_, hex) => String.fromCharCode(parseInt(hex, 16))); + +// Node's WHATWG URL parser returns `username` and `password` percent-encoded. +// Decode before composing the `auth` option so credentials such as +// `my%40email.com:pass` are sent as `my@email.com:pass`. Falls back to the +// original value for malformed input so a bad encoding never throws. +const decodeURIComponentSafe = value => { + if (!utils$1.isString(value)) { + return value; + } + try { + return decodeURIComponent(value); + } catch (error) { + return value; + } +}; const test = (fn, ...args) => { try { return !!fn(...args); @@ -73553,6 +73653,14 @@ const test = (fn, ...args) => { return false; } }; +const maybeWithAuthCredentials = url => { + const protocolIndex = url.indexOf('://'); + let urlToCheck = url; + if (protocolIndex !== -1) { + urlToCheck = urlToCheck.slice(protocolIndex + 3); + } + return urlToCheck.includes('@') || urlToCheck.includes(':'); +}; const factory = env => { const globalObject = utils$1.global !== undefined && utils$1.global !== null ? utils$1.global : globalThis; const { @@ -73656,6 +73764,7 @@ const factory = env => { } = resolveConfig(config); const hasMaxContentLength = utils$1.isNumber(maxContentLength) && maxContentLength > -1; const hasMaxBodyLength = utils$1.isNumber(maxBodyLength) && maxBodyLength > -1; + const own = key => utils$1.hasOwnProp(config, key) ? config[key] : undefined; let _fetch = envFetch || fetch; responseType = responseType ? (responseType + '').toLowerCase() : 'text'; let composedSignal = composeSignals([signal, cancelToken && cancelToken.toAbortSignal()], timeout); @@ -73665,6 +73774,38 @@ const factory = env => { }); let requestContentLength; try { + // HTTP basic authentication + let auth = undefined; + const configAuth = own('auth'); + if (configAuth) { + const username = configAuth.username || ''; + const password = configAuth.password || ''; + auth = { + username, + password + }; + } + if (maybeWithAuthCredentials(url)) { + const parsedURL = new URL(url, platform.origin); + if (!auth && (parsedURL.username || parsedURL.password)) { + const urlUsername = decodeURIComponentSafe(parsedURL.username); + const urlPassword = decodeURIComponentSafe(parsedURL.password); + auth = { + username: urlUsername, + password: urlPassword + }; + } + if (parsedURL.username || parsedURL.password) { + parsedURL.username = ''; + parsedURL.password = ''; + url = parsedURL.href; + } + } + if (auth) { + headers.delete('authorization'); + headers.set('Authorization', 'Basic ' + btoa(encodeUTF8((auth.username || '') + ':' + (auth.password || '')))); + } + // Enforce maxContentLength for data: URLs up-front so we never materialize // an oversized payload. The HTTP adapter applies the same check (see http.js // "if (protocol === 'data:')" branch). @@ -74181,7 +74322,8 @@ class Axios { silentJSONParsing: validators.transitional(validators.boolean), forcedJSONParsing: validators.transitional(validators.boolean), clarifyTimeoutError: validators.transitional(validators.boolean), - legacyInterceptorReqResOrdering: validators.transitional(validators.boolean) + legacyInterceptorReqResOrdering: validators.transitional(validators.boolean), + advertiseZstdAcceptEncoding: validators.transitional(validators.boolean) }, false); } if (paramsSerializer != null) { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 6507a986e0..3cba0ebba5 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -49,7 +49,7 @@ importers: version: 1.4.6 axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 depcheck: specifier: ^1.4.7 version: 1.4.7 @@ -326,7 +326,7 @@ importers: version: 1.3.3 axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 jks-js: specifier: ^1.1.6 version: 1.1.7 @@ -509,7 +509,7 @@ importers: version: link:../util axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 devDependencies: '@sap-cloud-sdk/test-util-internal': specifier: workspace:^ @@ -663,7 +663,7 @@ importers: version: link:../util axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 devDependencies: '@sap-cloud-sdk/test-util-internal': specifier: workspace:^ @@ -746,7 +746,7 @@ importers: version: 1.3.3 axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 opossum: specifier: ^9.0.0 version: 9.0.0 @@ -821,7 +821,7 @@ importers: dependencies: axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 logform: specifier: ^2.7.0 version: 2.7.0 @@ -903,7 +903,7 @@ importers: version: 9.9.2(@eslint/js@10.0.1(eslint@10.4.1))(tar@7.5.13) axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 bignumber.js: specifier: ^11.0.0 version: 11.1.2 @@ -972,7 +972,7 @@ importers: version: 4.13.0 axios: specifier: ^1.15.0 - version: 1.16.1 + version: 1.17.0 devDependencies: '@jest/globals': specifier: ^30.3.0 @@ -2725,8 +2725,8 @@ packages: resolution: {integrity: sha512-wvUjBtSGN7+7SjNpq/9M2Tg350UZD3q62IFZLbRAR1bSMlCo1ZaeW+BJ+D090e4hIIZLBcTDWe4Mh4jvUDajzQ==} engines: {node: '>= 0.4'} - axios@1.16.1: - resolution: {integrity: sha512-caYkukvroVPO8KrzuJEb50Hm07KwfBZPEC3VeFHTsqWHvKTsy54hjJz9BS/cdaypROE2rH6xvm9mHX4fgWkr3A==} + axios@1.17.0: + resolution: {integrity: sha512-J8SwNxprqqpbfenehxWYXE7CW+wM1BB4w3+N+g+/Wx40xM4rsLrfPmHHxSWIxJLYDgSY/HqlFPIYb2/S3rxafw==} b4a@1.8.1: resolution: {integrity: sha512-aiqre1Nr0B/6DgE2N5vwTc+2/oQZ4Wh1t4NznYY4E00y8LCt6NqdRv81so00oo27D8MVKTpUa/MwUUtBLXCoDw==} @@ -3403,10 +3403,6 @@ packages: resolution: {integrity: sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==} engines: {node: '>= 0.4'} - es-object-atoms@1.1.1: - resolution: {integrity: sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==} - engines: {node: '>= 0.4'} - es-object-atoms@1.1.2: resolution: {integrity: sha512-HWcBoN6NileqtSydK2FqHbS/LoDd2pqrnQHLyJzBj4kOp/ky2MWMN694xOfkK8/SnUsW2DH7EfyVlydKCsm1Zw==} engines: {node: '>= 0.4'} @@ -4011,10 +4007,6 @@ packages: resolution: {integrity: sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==} engines: {node: '>= 0.4'} - hasown@2.0.3: - resolution: {integrity: sha512-ej4AhfhfL2Q2zpMmLo7U1Uv9+PyhIZpgQLGT1F9miIGmiCJIoCgSmczFdrc97mWT4kVY72KA+WnnhJ5pghSvSg==} - engines: {node: '>= 0.4'} - hasown@2.0.4: resolution: {integrity: sha512-T2UbfbBEF32wiepXIsMlTW9+dDYC6wMh/t/vYA4tuOMKqWz/n3vr1NFSxQiyP+zk2mXsoMA/i/7qV6LKut1t1A==} engines: {node: '>= 0.4'} @@ -5359,8 +5351,8 @@ packages: react-is@18.3.1: resolution: {integrity: sha512-/LLMVyas0ljjAtoYiPqYiL8VWXzUUdThrmU5+n20DZv+a+ClRoevUzw5JxU+Ieh5/c87ytoTBV9G1FiKfNJdmg==} - react-is@19.2.6: - resolution: {integrity: sha512-XjBR15BhXuylgWGuslhDKqlSayuqvqBX91BP8pauG8kd1zY8kotkNWbXksTCNRarse4kuGbe2kIY05ARtwNIvw==} + react-is@19.2.7: + resolution: {integrity: sha512-kZFnouyVv7eP/Phmrlo9FK+zcAdriZJvzxXHF1Sl1P377WSGe2G/JxVolhTrB/jeV47lKImhNUsijjHAAbcl/A==} read-pkg-up@7.0.1: resolution: {integrity: sha512-zK0TB7Xd6JpCLmlLmufqykGE+/TlOePD6qKClNW7hHDKFh/J7/7gCWGR7joEQEW1bKq3a3yUZSObOoWLFQ4ohg==} @@ -8164,7 +8156,7 @@ snapshots: possible-typed-array-names: 1.1.0 optional: true - axios@1.16.1: + axios@1.17.0: dependencies: follow-redirects: 1.16.0 form-data: 4.0.5 @@ -8897,21 +8889,16 @@ snapshots: es-errors@1.3.0: {} - es-object-atoms@1.1.1: - dependencies: - es-errors: 1.3.0 - es-object-atoms@1.1.2: dependencies: es-errors: 1.3.0 - optional: true es-set-tostringtag@2.1.0: dependencies: es-errors: 1.3.0 get-intrinsic: 1.3.0 has-tostringtag: 1.0.2 - hasown: 2.0.3 + hasown: 2.0.4 es-shim-unscopables@1.1.0: dependencies: @@ -9420,7 +9407,7 @@ snapshots: asynckit: 0.4.0 combined-stream: 1.0.8 es-set-tostringtag: 2.1.0 - hasown: 2.0.3 + hasown: 2.0.4 mime-types: 2.1.35 forwarded@0.2.0: {} @@ -9488,12 +9475,12 @@ snapshots: call-bind-apply-helpers: 1.0.2 es-define-property: 1.0.1 es-errors: 1.3.0 - es-object-atoms: 1.1.1 + es-object-atoms: 1.1.2 function-bind: 1.1.2 get-proto: 1.0.1 gopd: 1.2.0 has-symbols: 1.1.0 - hasown: 2.0.3 + hasown: 2.0.4 math-intrinsics: 1.1.0 get-own-enumerable-property-symbols@3.0.2: {} @@ -9503,7 +9490,7 @@ snapshots: get-proto@1.0.1: dependencies: dunder-proto: 1.0.1 - es-object-atoms: 1.1.1 + es-object-atoms: 1.1.2 get-stream@5.2.0: dependencies: @@ -9651,14 +9638,9 @@ snapshots: dependencies: function-bind: 1.1.2 - hasown@2.0.3: - dependencies: - function-bind: 1.1.2 - hasown@2.0.4: dependencies: function-bind: 1.1.2 - optional: true hdb@2.27.1: dependencies: @@ -11226,7 +11208,7 @@ snapshots: '@jest/schemas': 30.4.1 ansi-styles: 5.2.0 react-is-18: react-is@18.3.1 - react-is-19: react-is@19.2.6 + react-is-19: react-is@19.2.7 pretty-ms@7.0.1: dependencies: @@ -11337,7 +11319,7 @@ snapshots: react-is@18.3.1: {} - react-is@19.2.6: {} + react-is@19.2.7: {} read-pkg-up@7.0.1: dependencies: