From 85dd8ea18b6df09f9b0b1391f2d18d161745f7f5 Mon Sep 17 00:00:00 2001
From: Aleh Zasypkin <aleh.zasypkin@elastic.co>
Date: Mon, 4 May 2026 14:08:41 +0200
Subject: [PATCH] =?UTF-8?q?chore(axios,security-generative-ai)=20Remove=20?=
 =?UTF-8?q?axios=20dependency=20in=20favor=20=E2=80=A6=20(#266771)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

## Summary

This PR removes the `axios` dependency for files owned by
`@elastic/security-generative-ai`. Phase 1.1 of the axios migration
tracked under #266556.

### Why

Node.js 22 ships a native `fetch` API built on undici, and every browser
Kibana targets supports `fetch` natively. Removing axios cuts one
runtime dependency and continues the per-team rollout that mirrors the
earlier node-fetch migration
([#250719](https://github.com/elastic/kibana/pull/250719) and siblings).

### Changes

- Migrated `create_conversations_script.ts` (a developer seed script
fetching the connector list) from `axios.get` to `fetch`.
- Migrated `create_and_login_users.js` (a developer script that creates
test users via the Elasticsearch security API) from `axios.get` /
`axios.put` to `fetch`. Three call sites: role lookup, role create, user
create. Basic auth was previously passed via axios's `auth: { username,
password }` option; native fetch strips `user:pass@` URL credentials, so
it now goes through an `Authorization: Basic <base64>` header.
- Removed the entire
`x-pack/solutions/security/plugins/elastic_assistant/scripts/` entry
from `AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage
anywhere in this directory is now blocked by the existing global ban.

### Behavior parity

Native fetch does not throw on non-2xx, so each call site explicitly
checks `res.ok` / `res.status`. The previous status-based branches (404
fall-through on role check, 409 informational on user create) are
preserved with the same logging and `return err` shape. The diff is
intentionally minimal: variable names, comment placement, try-catch
structure, and error-return semantics from the original axios code are
kept.

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
(cherry picked from commit 0643d49acfbfd8dfdc758e88ecfa0c767f02a30f)

# Conflicts:
#	x-pack/solutions/security/plugins/elastic_assistant/scripts/create_and_login_users.js
---
 .eslintrc.js                                    |  1 -
 .../scripts/create_conversations_script.ts      | 17 ++++++++++++-----
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/.eslintrc.js b/.eslintrc.js
index 761896837ad8f..4a52717e5bc5a 100644
--- a/.eslintrc.js
+++ b/.eslintrc.js
@@ -341,7 +341,6 @@ const AXIOS_LEGACY_CONSUMERS = [
   'x-pack/solutions/observability/test/profiling_cypress/**/*.{js,mjs,ts,tsx}',
   'x-pack/solutions/search/test/functional_enterprise_search/artifact_manager.ts',
   'x-pack/solutions/security/packages/kbn-securitysolution-utils/src/axios/**/*.{js,mjs,ts,tsx}',
-  'x-pack/solutions/security/plugins/elastic_assistant/scripts/**/*.{js,mjs,ts,tsx,jsx}',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/data_loaders/**/*.{js,mjs,ts,tsx}',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/format_axios_error.ts',
   'x-pack/solutions/security/plugins/security_solution/common/endpoint/utils/**/*.{js,mjs,ts,tsx}',
diff --git a/x-pack/solutions/security/plugins/elastic_assistant/scripts/create_conversations_script.ts b/x-pack/solutions/security/plugins/elastic_assistant/scripts/create_conversations_script.ts
index 636e256c92377..0261ab3f2b5ec 100644
--- a/x-pack/solutions/security/plugins/elastic_assistant/scripts/create_conversations_script.ts
+++ b/x-pack/solutions/security/plugins/elastic_assistant/scripts/create_conversations_script.ts
@@ -9,7 +9,6 @@ import { randomBytes } from 'node:crypto';
 import yargs from 'yargs/yargs';
 import { ToolingLog } from '@kbn/tooling-log';
 import { Client } from '@elastic/elasticsearch';
-import axios from 'axios';
 import pLimit from 'p-limit';
 import { API_VERSIONS } from '@kbn/elastic-assistant-common';
 import { CreateMessageSchema } from '../server/ai_assistant_data_clients/conversations/types';
@@ -52,12 +51,20 @@ export const create = async () => {
 
   try {
     logger.info(`Fetching available connectors...`);
-    const { data: connectors } = await axios.get(connectorsApiUrl, {
+    const connectorsResponse = await fetch(connectorsApiUrl, {
       headers: requestHeaders,
     });
-    const aiConnectors = connectors.filter(
-      ({ connector_type_id: connectorTypeId }: { connector_type_id: string }) =>
-        AllowedActionTypeIds.includes(connectorTypeId)
+    if (!connectorsResponse.ok) {
+      throw new Error(
+        `Failed to fetch connectors from ${connectorsApiUrl}: ${connectorsResponse.status} ${connectorsResponse.statusText}`
+      );
+    }
+    const connectors = (await connectorsResponse.json()) as Array<{
+      id: string;
+      connector_type_id: string;
+    }>;
+    const aiConnectors = connectors.filter(({ connector_type_id: connectorTypeId }) =>
+      AllowedActionTypeIds.includes(connectorTypeId)
     );
     if (aiConnectors.length === 0) {
       throw new Error('No AI connectors found, create an AI connector to use this script');