razorpay
diff --git a/‎CHANGELOG.md‎
Lines changed: 9 additions & 0 deletions b/‎CHANGELOG.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 5 additions & 0 deletions b/‎README.md‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎lib/api.js‎
Lines changed: 23 additions & 33 deletions b/‎lib/api.js‎
Lines changed: 23 additions & 33 deletions
diff --git a/‎lib/resources/accounts.js‎
Lines changed: 4 additions & 1 deletion b/‎lib/resources/accounts.js‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎lib/resources/addons.js‎
Lines changed: 1 addition & 2 deletions b/‎lib/resources/addons.js‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎lib/resources/documents.js‎
Lines changed: 4 additions & 1 deletion b/‎lib/resources/documents.js‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎lib/resources/invoices.js‎
Lines changed: 1 addition & 2 deletions b/‎lib/resources/invoices.js‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎lib/resources/paymentLink.js‎
Lines changed: 1 addition & 2 deletions b/‎lib/resources/paymentLink.js‎
Lines changed: 1 addition & 2 deletions
diff --git a/‎lib/resources/payments.js‎
Lines changed: 0 additions & 2 deletions b/‎lib/resources/payments.js‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎lib/resources/plans.js‎
Lines changed: 1 addition & 2 deletions b/‎lib/resources/plans.js‎
Lines changed: 1 addition & 2 deletions
@@ -1,5 +1,14 @@
 # Changelog
 
+## 2.9.4 - 2024-05-17
+fix: Resolve SSRF vulnerability in request handling
+feat: Added new API endpoints
+- Added support for `addBankAccount`, `deleteBankAccount`, `requestEligibilityCheck` & `fetchEligibility` on customer
+- Added support for [Dispute](https://razorpay.com/docs/api/disputes/)
+- Added support for [Document](https://razorpay.com/docs/api/documents/)
+- Added support for `viewRtoReview` & `editFulfillment` on order
+- Added support for fetch all IINs Supporting native otps & fetch all IINs with business sub-type using `all`
+
 ## 2.9.3 - 2024-04-18
 fix: Type definition for Product and Customer has been updated.
 
 
@@ -125,6 +125,11 @@ instance.payments.all(
 - [Payment Verification](documents/paymentVerfication.md)
 
 - [Webhook](documents/webhook.md)
+
+- [Dispute](documents/disputes.md)
+
+- [Document](documents/documents.md)
+
 ---
 
 ## Development
 
@@ -1,6 +1,6 @@
 'use strict'
 
-const request = require('request-promise')
+const axios = require('axios').default
 const nodeify = require('./utils/nodeify')
 const {
   isNonNullObject
@@ -33,19 +33,18 @@ function getValidHeaders (headers) {
 
 function normalizeError(err) {
   throw {
-    statusCode: err.statusCode,
-    error: err.error.error
+    statusCode: err.response.status,
+    error: err.response.data.error
   }
 }
 
 class API {
   constructor(options) {
-    this.rq = request.defaults({
-      baseUrl: options.hostUrl,
-      json: true,
+    this.rq = axios.create({
+      baseURL: options.hostUrl,
       auth: {
-        user: options.key_id,
-        pass: options.key_secret
+        username: options.key_id,
+        password: options.key_secret
       },
       headers: Object.assign(
         {'User-Agent': options.ua},
@@ -61,48 +60,39 @@ class API {
   }
 
   get(params, cb) {
-    return nodeify(this.rq.get({
-      url: this.getEntityUrl(params),
-      qs: params.data,
+    return nodeify(this.rq.get(this.getEntityUrl(params), {
+      params: params.data
     }).catch(normalizeError), cb)
   }
 
   post(params, cb) {
-     let request = {
-        url: this.getEntityUrl(params),
-        body: params.data
-      };
-    return nodeify(this.rq.post(request).catch(normalizeError), cb);
+    return nodeify(this.rq.post(this.getEntityUrl(params), params.data)
+    .catch(normalizeError), cb);
   }
 
   // postFormData method for file uploads.
   postFormData(params, cb){
-    let request = {
-      url: this.getEntityUrl(params),
-      formData: params.formData
-    };
-  return nodeify(this.rq.post(request).catch(normalizeError), cb);    
+     return nodeify(this.rq.post(this.getEntityUrl(params), params.formData, {
+       'headers': {
+         'Content-Type': 'multipart/form-data'
+       }
+     })
+     .catch(normalizeError), cb);    
   }
 
   put(params, cb) {
-    return nodeify(this.rq.put({
-      url: this.getEntityUrl(params),
-      body: params.data
-    }).catch(normalizeError), cb)
+    return nodeify(this.rq.put(this.getEntityUrl(params), params.data)
+    .catch(normalizeError), cb);
   }
 
   patch(params, cb) {
-    let request = {
-      url: this.getEntityUrl(params),
-      body: params.data
-    };
-    return nodeify(this.rq.patch(request).catch(normalizeError), cb);
+    return nodeify(this.rq.patch(this.getEntityUrl(params), params.data)
+    .catch(normalizeError), cb);
   }
 
   delete(params, cb) {
-    return nodeify(this.rq.delete({
-      url: this.getEntityUrl(params)
-    }).catch(normalizeError), cb)
+    return nodeify(this.rq.delete(this.getEntityUrl(params))
+    .catch(normalizeError), cb)
   }
 }
 
 
@@ -36,10 +36,13 @@ module.exports = function (api) {
         },
 
         uploadAccountDoc(accountId, params, callback) {
+            let {file, ...rest}  = params
             return api.postFormData({
                 version: 'v2',
                 url: `${BASE_URL}/${accountId}/documents`,
-                formData: params
+                formData: {
+                    file: file.value, ...rest
+                }
             }, callback);
         },
 
 
@@ -4,8 +4,7 @@
  * DOCS: https://razorpay.com/docs/subscriptions/api/
  */
 
-const Promise = require("promise"),
-      { normalizeDate } = require('../utils/razorpay-utils');
+const { normalizeDate } = require('../utils/razorpay-utils');
 
 module.exports = function (api) {
 
 
@@ -6,9 +6,12 @@ module.exports = function (api) {
 
     return {
         create(params, callback) {
+            let {file, ...rest}  = params
             return api.postFormData({
                 url: `${BASE_URL}`,
-                formData: params
+                formData: {
+                    file: file.value, ...rest
+                }
             }, callback);
         },
 
 
@@ -4,8 +4,7 @@
  * DOCS: https://razorpay.com/docs/invoices/
  */
 
-const Promise = require("promise"),
-      { normalizeDate } = require('../utils/razorpay-utils');
+const { normalizeDate } = require('../utils/razorpay-utils');
 
 module.exports = function invoicesApi (api) {
 
 
@@ -4,8 +4,7 @@
  * DOCS: https://razorpay.com/docs/payment-links/
  */
 
-const Promise = require("promise"),
-      { normalizeDate, normalizeNotes } = require('../utils/razorpay-utils');
+const { normalizeDate } = require('../utils/razorpay-utils');
 
 module.exports = function paymentLinkApi (api) {
 
 
@@ -1,7 +1,5 @@
 'use strict'
 
-const Promise = require("promise");
-
 const { normalizeDate } = require('../utils/razorpay-utils')
 
 const ID_REQUIRED_MSG = '`payment_id` is mandatory',
 
@@ -4,8 +4,7 @@
  * DOCS: https://razorpay.com/docs/subscriptions/api/
  */
 
-const Promise = require("promise"),
-      { normalizeDate } = require('../utils/razorpay-utils');
+const { normalizeDate } = require('../utils/razorpay-utils');
 
 module.exports = function plansApi (api) {