From 22605b2bc4233f087a549dcc66046e947beac31e Mon Sep 17 00:00:00 2001 From: jinalviranii Date: Wed, 6 Mar 2024 16:48:31 +0530 Subject: [PATCH 1/4] vulnerabilities fix --- package-lock.json | 18 ++++++++++++------ package.json | 2 +- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index edc259d66..e41fc51a0 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "1.1.2", "license": "ISC", "dependencies": { - "axios": "^0.27.2", + "axios": "^1.6.0", "camelcase": "^6.3.0", "crypto-js": "^4.1.1", "isomorphic-base64": "^1.0.2", @@ -1751,12 +1751,13 @@ "dev": true }, "node_modules/axios": { - "version": "0.27.2", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz", - "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==", + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", + "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", "dependencies": { - "follow-redirects": "^1.14.9", - "form-data": "^4.0.0" + "follow-redirects": "^1.15.0", + "form-data": "^4.0.0", + "proxy-from-env": "^1.1.0" } }, "node_modules/axios-cookiejar-support": { @@ -1791,6 +1792,11 @@ "axios": ">= 0.17.0" } }, + "node_modules/axios/node_modules/proxy-from-env": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz", + "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==" + }, "node_modules/babel-jest": { "version": "29.6.0", "resolved": "https://registry.npmjs.org/babel-jest/-/babel-jest-29.6.0.tgz", diff --git a/package.json b/package.json index c40d6b5e6..f7a25fafa 100644 --- a/package.json +++ b/package.json 
@@ -12,7 +12,7 @@ "author": "Jigar Dafda", "license": "ISC", "dependencies": { - "axios": "^0.27.2", + "axios": "^1.6.0", "camelcase": "^6.3.0", "crypto-js": "^4.1.1", "isomorphic-base64": "^1.0.2", From 2b54405120f40dfb7192e7810816cb1c93721ef9 Mon Sep 17 00:00:00 2001 From: jinalviranii Date: Mon, 11 Mar 2024 15:57:38 +0530 Subject: [PATCH 2/4] Fix crypto vulnerability --- package-lock.json | 24 ++++++++++++------------ package.json | 4 ++-- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index e41fc51a0..9d682f1cd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,9 +9,9 @@ "version": "1.1.2", "license": "ISC", "dependencies": { - "axios": "^1.6.0", + "axios": "^1.6.4", "camelcase": "^6.3.0", - "crypto-js": "^4.1.1", + "crypto-js": "^4.2.0", "isomorphic-base64": "^1.0.2", "joi": "^17.7.0", "loglevel": "^1.8.1", @@ -1751,11 +1751,11 @@ "dev": true }, "node_modules/axios": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz", - "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==", + "version": "1.6.4", + "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.4.tgz", + "integrity": "sha512-heJnIs6N4aa1eSthhN9M5ioILu8Wi8vmQW9iHQ9NUvfkJb0lEEDUiIdQNAuBtfUt3FxReaKdpQA5DbmMOqzF/A==", "dependencies": { - "follow-redirects": "^1.15.0", + "follow-redirects": "^1.15.4", "form-data": "^4.0.0", "proxy-from-env": "^1.1.0" } 
@@ -2397,9 +2397,9 @@ } }, "node_modules/crypto-js": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.1.1.tgz", - "integrity": "sha512-o2JlM7ydqd3Qk9CA0L4NL6mTzU2sdx96a+oOfPu8Mkl/PK51vSyoi8/rQ8NknZtk44vq15lmhAj9CIAGwgeWKw==" + "version": "4.2.0", + "resolved": "https://registry.npmjs.org/crypto-js/-/crypto-js-4.2.0.tgz", + "integrity": "sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==" }, "node_modules/cypress": { "version": "9.7.0", @@ -2949,9 +2949,9 @@ } }, "node_modules/follow-redirects": { - "version": "1.15.2", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.2.tgz", - "integrity": "sha512-VQLG33o04KaQ8uYi2tVNbdrWp1QWxNNea+nmIB4EVM28v0hmP17z7aG1+wAkNzVq4KeXTq3221ye5qTJP91JwA==", + "version": "1.15.5", + "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.5.tgz", + "integrity": "sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw==", "funding": [ { "type": "individual", diff --git a/package.json b/package.json index f7a25fafa..ac9dbce98 100644 --- a/package.json +++ b/package.json @@ -12,9 +12,9 @@ "author": "Jigar Dafda", "license": "ISC", "dependencies": { - "axios": "^1.6.0", + "axios": "^1.6.4", "camelcase": "^6.3.0", - "crypto-js": "^4.1.1", + "crypto-js": "^4.2.0", "isomorphic-base64": "^1.0.2", "joi": "^17.7.0", "loglevel": "^1.8.1", From 393772eba6e8006c11126dc8023ff8653221adff Mon Sep 17 00:00:00 2001 From: jinalviranii Date: Thu, 21 Mar 2024 15:26:03 +0530 Subject: [PATCH 3/4] Fix jest issue --- jest.config.js | 2 ++ sdk/common/AxiosHelper.js | 4 ++-- sdk/common/curlHelper.js | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/jest.config.js b/jest.config.js index 34da62517..18f48dbbb 100644 --- a/jest.config.js +++ b/jest.config.js 
@@ -13,4 +13,6 @@ module.exports = { "testPathIgnorePatterns": [ "cypress/integration/standalone.spec.js" ] + , + moduleDirectories: ['node_modules', 'axios/lib/helpers'], }; \ No newline at end of file diff --git a/sdk/common/AxiosHelper.js b/sdk/common/AxiosHelper.js index dc761f1bf..f5da3c36d 100644 --- a/sdk/common/AxiosHelper.js +++ b/sdk/common/AxiosHelper.js @@ -1,5 +1,5 @@ -const combineURLs = require("axios/lib/helpers/combineURLs"); -const isAbsoluteURL = require("axios/lib/helpers/isAbsoluteURL"); +const { combineURLs } = require("axios"); +const { isAbsoluteURL } = require("axios"); const axios = require("axios"); const querystring = require("query-string"); const { sign } = require("./RequestSigner"); diff --git a/sdk/common/curlHelper.js b/sdk/common/curlHelper.js index dfe0e6f0b..2176293ba 100644 --- a/sdk/common/curlHelper.js +++ b/sdk/common/curlHelper.js @@ -1,6 +1,6 @@ const qs = require("query-string"); -const combineURLs = require("axios/lib/helpers/combineURLs"); -const isAbsoluteURL = require("axios/lib/helpers/isAbsoluteURL"); +const { combineURLs } = require("axios"); +const { isAbsoluteURL } = require("axios"); let reqConfig; From 63c2aeaab01adbaa7c59b62007e6e5ddee457304 Mon Sep 17 00:00:00 2001 From: jinalviranii Date: Fri, 22 Mar 2024 23:22:07 +0530 Subject: [PATCH 4/4] Fix isAbsoluteURL, combineURLs issue --- jest.config.js | 1 - sdk/common/AxiosHelper.js | 3 +-- sdk/common/Utility.js | 32 ++++++++++++++++++++++++++++++++ sdk/common/curlHelper.js | 3 +-- 4 files changed, 34 insertions(+), 5 deletions(-) diff --git a/jest.config.js b/jest.config.js index 18f48dbbb..ff927b8a9 100644 --- a/jest.config.js +++ b/jest.config.js @@ -14,5 +14,4 @@ module.exports = { "cypress/integration/standalone.spec.js" ] , - moduleDirectories: ['node_modules', 'axios/lib/helpers'], }; \ No newline at end of file diff --git a/sdk/common/AxiosHelper.js b/sdk/common/AxiosHelper.js index f5da3c36d..0d291b88d 100644 --- a/sdk/common/AxiosHelper.js 
+++ b/sdk/common/AxiosHelper.js @@ -1,5 +1,4 @@ -const { combineURLs } = require("axios"); -const { isAbsoluteURL } = require("axios"); +const { combineURLs, isAbsoluteURL } = require("./Utility"); const axios = require("axios"); const querystring = require("query-string"); const { sign } = require("./RequestSigner"); diff --git a/sdk/common/Utility.js b/sdk/common/Utility.js index aa84fd094..f7d568c1c 100644 --- a/sdk/common/Utility.js +++ b/sdk/common/Utility.js @@ -80,7 +80,39 @@ function convertActionToUrl(action) { } } +// kept same as axios function +/** + * Determines whether the specified URL is absolute + * + * @param {string} url The URL to test + * + * @returns {boolean} True if the specified URL is absolute, otherwise false + */ +function isAbsoluteURL(url) { + // A URL is considered absolute if it begins with "://" or "//" (protocol-relative URL). + // RFC 3986 defines scheme name as a sequence of characters beginning with a letter and followed + // by any combination of letters, digits, plus, period, or hyphen. + return /^([a-z][a-z\d+\-.]*:)?\/\//i.test(url); +} + +/** + * Creates a new URL by combining the specified URLs + * + * @param {string} baseURL The base URL + * @param {string} relativeURL The relative URL + * + * @returns {string} The combined URL + */ +function combineURLs(baseURL, relativeURL) { + return relativeURL + ? baseURL.replace(/\/?\/$/, '') + '/' + relativeURL.replace(/^\/+/, '') + : baseURL; +} + + module.exports = { convertActionToUrl, convertUrlToAction, + isAbsoluteURL, + combineURLs }; diff --git a/sdk/common/curlHelper.js b/sdk/common/curlHelper.js index 2176293ba..b28ef4c64 100644 --- a/sdk/common/curlHelper.js +++ b/sdk/common/curlHelper.js @@ -1,6 +1,5 @@ const qs = require("query-string"); -const { combineURLs } = require("axios"); -const { isAbsoluteURL } = require("axios"); +const { combineURLs, isAbsoluteURL } = require("./Utility"); let reqConfig;
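Review bot: `isAbsoluteURL` and `combineURLs` in sdk/common/Utility.js are now a private copy of axios internals with no tests, so a later upstream fix to how absolute or protocol-relative (`//host`) URLs are classified will not arrive through a dependency bump. That classification presumably decides in AxiosHelper.js whether a request URL is joined to the configured base URL before `sign` is applied (the call sites are outside this hunk), so it deserves unit tests here for scheme-prefixed, `//host/path` and plain relative inputs. The provenance note sits only above `isAbsoluteURL`; I would put it on both functions, for example `// Copied from axios lib/helpers/combineURLs.js (MIT); re-check against upstream when bumping axios`. The explanatory comment in `isAbsoluteURL` as shown reads `begins with "://"`, which seems to have lost its scheme placeholder and should read `begins with "<scheme>://" or "//"`. Both helpers also assume string arguments, since `combineURLs(undefined, 'x')` throws on `baseURL.replace`; whether callers guard against that cannot be seen from this hunk.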