Contributors to this release
AxiosHeaders: fix AxiosHeaders conversion to an object during config merging (#6243 ) (2656612 )import: use named export for EventEmitter; (7320430 )vulnerability: update follow-redirects to 1.15.6 (#6300 ) (8786e0f )
Contributors to this release
capture async stack only for rejections with native error objects; (#6203 ) (1a08f90 )
Contributors to this release
fixed missed dispatchBeforeRedirect argument (#5778 ) (a1938ff )
wrap errors to improve async stack trace (#5987 ) (123f354 )
Contributors to this release
ci: refactor notify action as a job of publish action; (#6176 ) (0736f95 )dns: fixed lookup error handling; (#6175 ) (f4f2b03 )
Contributors to this release
security: fixed formToJSON prototype pollution vulnerability; (#6167 ) (3c0c11c )security: fixed security vulnerability in follow-redirects (#6163 ) (75af1cd )
Contributors to this release
Regular Expression Denial of Service (ReDoS) (#6132 ) (5e7ad38 )
Contributors to this release
withXSRFToken: added withXSRFToken option as a workaround to achieve the old withCredentials behavior; (#6046 ) (cff9967 )
feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
Contributors to this release
formdata: fixed content-type header normalization for non-standard browser environments; (#6056 ) (dd465ab )platform: fixed emulated browser detection in node.js environment; (#6055 ) (3dc8369 )
Contributors to this release
feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ( #6046 )
📢 This PR added 'withXSRFToken' option as a replacement for old withCredentials behaviour.
You should now use withXSRFToken along with withCredential to get the old behavior.
This functionality is considered as a fix.
CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028 ) (96ee232 )dns: fixed lookup function decorator to work properly in node v20; (#6011 ) (5aaff53 )types: fix AxiosHeaders types; (#5931 ) (a1c8ad0 )
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release
adapters: improved adapters loading logic to have clear error messages; (#5919 ) (e410779 )formdata: fixed automatic addition of the Content-Type header for FormData in non-browser environments; (#5917 ) (bc9af51 )headers: allow content-encoding header to handle case-insensitive values (#5890 ) (#5892 ) (4c89f25 )types: removed duplicated code (9e62056 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
adapter: make adapter loading error more clear by using platform-specific adapters explicitly (#5837 ) (9a414bb )dns: fixed cacheable-lookup integration; (#5836 ) (b3e327d )headers: added support for setting header names that overlap with class methods; (#5831 ) (d8b4ca0 )headers: fixed common Content-Type header merging; (#5832 ) (8fda276 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
formdata: add multipart/form-data content type for FormData payload on custom client environments; (#5678 ) (bbb61e7 )package: export package internals with unsafe path prefix; (#5677 ) (df38c94 )
dns: added support for a custom lookup function; (#5339 ) (2701911 )types: export AxiosHeaderValue type. (#5525 ) (726f1c8 )
merge-config: optimize mergeConfig performance by avoiding duplicate key visits; (#5679 ) (e6f7053 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
types: added transport to RawAxiosRequestConfig (#5445 ) (6f360a2 )utils: make isFormData detection logic stricter to avoid unnecessary calling of the toString method on the target; (#5661 ) (aa372f7 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
headers: fixed isValidHeaderName to support full list of allowed characters; (#5584 ) (e7decef )params: re-added the ability to set the function as paramsSerializer config; (#5633 ) (a56c866 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
blob: added a check to make sure the Blob class is available in the browser's global scope; (#5548 ) (3772c8f )http: fixed regression bug when handling synchronous errors inside the adapter; (#5564 ) (a3b246c )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
formdata: added a check to make sure the FormData class is available in the browser's global scope; (#5545 ) (a6dfa72 )formdata: fixed setting NaN as Content-Length for form payload in some cases; (#5535 ) (c19f7bf )headers: fixed the filtering logic of the clear method; (#5542 ) (ea87ebf )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
formdata: add hotfix to use the asynchronous API to compute the content-length header value; (#5521 ) (96d336f )serializer: fixed serialization of array-like objects; (#5518 ) (08104c0 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
fomdata: added support for spec-compliant FormData & Blob types; (#5316 ) (6ac574e )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
headers: added missed Authorization accessor; (#5502 ) (342c0ba )types: fixed CommonRequestHeadersList & CommonResponseHeadersList types to be private in commonJS; (#5503 ) (5a3d0a3 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
types: fixed AxiosHeaders to handle spread syntax by making all methods non-enumerable; (#5499 ) (580f1e8 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
types: renamed RawAxiosRequestConfig back to AxiosRequestConfig; (#5486 ) (2a71f49 )types: fix AxiosRequestConfig generic; (#5478 ) (9bce81b )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
types: fixed AxiosRequestConfig header interface by refactoring it to RawAxiosRequestConfig; (#5420 ) (0811963 )
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
fix(ci): fix release script inputs #5392
fix(ci): prerelease scipts #5377
fix(ci): release scripts #5376
fix(ci): typescript tests #5375
fix: Brotli decompression #5353
fix: add missing HttpStatusCode #5345
chore(ci): set conventional-changelog header config #5406
chore(ci): fix automatic contributors resolving #5403
chore(ci): improved logging for the contributors list generator #5398
chore(ci): fix release action #5397
chore(ci): fix version bump script by adding bump argument for target version #5393
chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2 #5342
chore(ci): GitHub Actions Release script #5384
chore(ci): release scripts #5364
Contributors to this release
feat(exports): export mergeConfig #5151
fix(CancelledError): include config #4922
fix(general): removing multiple/trailing/leading whitespace #5022
fix(headers): decompression for responses without Content-Length header #5306
fix(webWorker): exception to sending form data in web worker #5139
refactor(types): AxiosProgressEvent.event type to any #5308
refactor(types): add missing types for static AxiosError.from method #4956
chore(docs): remove README link to non-existent upgrade guide #5307
chore(docs): typo in issue template name #5159
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
changed: refactored module exports #5162
change: re-added support for loading Axios with require('axios').default #5225
fix: improve AxiosHeaders class #5224
fix: TypeScript type definitions for commonjs #5196
fix: type definition of use method on AxiosInterceptorManager to match the the README #5071
fix: __dirname is not defined in the sandbox #5269
fix: AxiosError.toJSON method to avoid circular references #5247
fix: Z_BUF_ERROR when content-encoding is set but the response body is empty #5250
refactor: allowing adapters to be loaded by name #5277
chore: force CI restart #5243
chore: update ECOSYSTEM.md #5077
chore: update get/index.html #5116
chore: update Sandbox UI/UX #5205
chore:(actions): remove git credentials after checkout #5235
chore(actions): bump actions/dependency-review-action from 2 to 3 #5266
chore(packages): bump loader-utils from 1.4.1 to 1.4.2 #5295
chore(packages): bump engine.io from 6.2.0 to 6.2.1 #5294
chore(packages): bump socket.io-parser from 4.0.4 to 4.0.5 #5241
chore(packages): bump loader-utils from 1.4.0 to 1.4.1 #5245
chore(docs): update Resources links in README #5119
chore(docs): update the link for JSON url #5265
chore(docs): fix broken links #5218
chore(docs): update and rename UPGRADE_GUIDE.md to MIGRATION_GUIDE.md #5170
chore(docs): typo fix line #856 and #920 #5194
chore(docs): typo fix #800 #5193
chore(docs): fix typos #5184
chore(docs): fix punctuation in README.md #5197
chore(docs): update readme in the Handling Errors section - issue reference #5260 #5261
chore: remove \b from filename #5207
chore(docs): update CHANGELOG.md #5137
chore: add sideEffects false to package.json #5025
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Added custom params serializer support #5113
Fixed top-level export to keep them in-line with static properties #5109
Stopped including null values to query string. #5108
Restored proxy config backwards compatibility with 0.x #5097
Added back AxiosHeaders in AxiosHeaderValue #5103
Pin CDN install instructions to a specific version #5060
Handling of array values fixed for AxiosHeaders #5085
docs: match badge style, add link to them #5046
chore: fixing comments typo #5054
chore: update issue template #5061
chore: added progress capturing section to the docs; #5084
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Fixed broken exports for UMD builds.
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Fixed broken exports for common js. This fix breaks a prior fix, I will fix both issues ASAP but the commonJS use is more impactful.
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Fixed missing exports in type definition index.d.ts #5003
Fixed query params composing #5018
Fixed GenericAbortSignal interface by making it more generic #5021
Fixed adding "clear" to AxiosInterceptorManager #5010
Fixed commonjs & umd exports #5030
Fixed inability to access response headers when using axios 1.x with Jest #5036
Contributors to this release
⚠️ Critical vulnerability fix. See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459
Added stack trace to AxiosError #4624
Add AxiosError to AxiosStatic #4654
Replaced Rollup as our build runner #4596
Added generic TS types for the exposed toFormData helper #4668
Added listen callback function #4096
Added instructions for installing using PNPM #4207
Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill #4229
Added axios-url-template in ECOSYSTEM.md #4238
Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an axios instance #4248
Added react hook plugin #4319
Adding HTTP status code for transformResponse #4580
Added blob to the list of protocols supported by the browser #4678
Resolving proxy from env on redirect #4436
Added enhanced toFormData implementation with additional options 4704
Adding Canceler parameters config and request #4711
Added automatic payload serialization to application/x-www-form-urlencoded #4714
Added the ability for webpack users to overwrite built-ins #4715
Added string[] to AxiosRequestHeaders type #4322
Added the ability for the url-encoded-form serializer to respect the formSerializer config #4721
Added isCancel type assert #4293
Added data URL support for node.js #4725
Adding types for progress event callbacks #4675
URL params serializer #4734
Added axios.formToJSON method #4735
Bower platform add data protocol #4804
Use WHATWG URL API instead of url.parse() #4852
Add ENUM containing Http Status Codes to typings #4903
Improve typing of timeout in index.d.ts #4934
Updated AxiosError.config to be optional in the type definition #4665
Updated README emphasizing the URLSearchParam built-in interface over other solutions #4590
Include request and config when creating a CanceledError instance #4659
Changed func-names eslint rule to as-needed #4492
Replacing deprecated substr() with slice() as substr() is deprecated #4468
Updating HTTP links in README.md to use HTTPS #4387
Updated to a better trim() polyfill #4072
Updated types to allow specifying partial default headers on instance create #4185
Expanded isAxiosError types #4344
Updated type definition for axios instance methods #4224
Updated eslint config #4722
Updated Docs #4742
Refactored Axios to use ES2017 #4787
There are multiple deprecations, refactors and fixes provided in this release. Please read through the full release notes to see how this may impact your project and use case.
Removed incorrect argument for NetworkError constructor #4656
Removed Webpack #4596
Removed function that transform arguments to array #4544
Fixed grammar in README #4649
Fixed code error in README #4599
Optimized the code that checks cancellation #4587
Fix url pointing to defaults.js in README #4532
Use type alias instead of interface for AxiosPromise #4505
Fix some word spelling and lint style in code comments #4500
Edited readme with 3 updated browser icons of Chrome, FireFox and Safari #4414
Bump follow-redirects from 1.14.9 to 1.15.0 #4673
Fixing http tests to avoid hanging when assertions fail #4435
Fix TS definition for AxiosRequestTransformer #4201
Fix grammatical issues in README #4232
Fixing instance.defaults.headers type #4557
Fixed race condition on immediate requests cancellation #4261
Fixing Z_BUF_ERROR when no content #4701
Fixing proxy beforeRedirect regression #4708
Fixed AxiosError status code type #4717
Fixed AxiosError stack capturing #4718
Fixing AxiosRequestHeaders typings #4334
Fixed max body length defaults #4731
Fixed toFormData Blob issue on node>v17 #4728
Bump grunt from 1.5.2 to 1.5.3 #4743
Fixing content-type header repeated #4745
Fixed timeout error message for http 4738
Request ignores false, 0 and empty string as body values #4785
Added back missing minified builds #4805
Fixed a type error #4815
Fixed a regression bug with unsubscribing from cancel token; #4819
Remove repeated compression algorithm #4820
The error of calling extend to pass parameters #4857
SerializerOptions.indexes allows boolean | null | undefined #4862
Require interceptors to return values #4874
Removed unused imports #4949
Allow null indexes on formSerializer and paramsSerializer #4960
Set permissions for GitHub actions #4765
Included githubactions in the dependabot config #4770
Included dependency review #4771
Update security.md #4784
Remove unnecessary spaces #4854
Simplify the import path of AxiosError #4875
Fix Gitpod dead link #4941
Enable syntax highlighting for a code block #4970
Using Logo Axios in Readme.md #4993
Fix markup for note in README #4825
Fix typo and formatting, add colons #4853
Fix typo in readme #4942
Contributors to this release 
