chore(axios,security-engineering-productivity): remove axios from run_cypress scripts#267684
Merged
azasypkin merged 1 commit intoelastic:mainfrom May 5, 2026
Merged
Conversation
azasypkin
added
chore
release_note:skip
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsMetrics [docs]
cc @azasypkin |
TamerlanG
approved these changes
May 5, 2026
dkirchan
approved these changes
May 5, 2026
| Authorization: `ApiKey ${this.apiKey}`, | ||
| 'Content-Type': 'application/json', | ||
| }, | ||
| body: JSON.stringify(body), |
Contributor
There was a problem hiding this comment.
Is JSON.stringify(body) really needed here? In axios its not needed so I guess it does the serialization behind the scenes if its needed indeed. Right?
Contributor
Author
There was a problem hiding this comment.
Right! Responded in Slack, but will duplicate here for the records:
Axios does JSON.stringify for request body (+adds a correct Content-Type) and JSON.parse for response body automatically. The native fetch is more low-level, it only accepts strings, Blob, FormData, ArrayBuffer, URLSearchParams, or a ReadableStream for a request body (if one passes object it will just call toString() on it that will result into something like "[Object]") and requires consumers to parse body manually with json(), text() and so on (e.g. for perf reasons you might not want to call JSON.parse automatically and pay for that).
Using native fetch requires more boilerplate for sure, maybe eventually, when we all use fetch we can have some higher-level abstraction
Contributor
|
Starting backport for target branches: 8.19, 9.2, 9.3, 9.4 https://github.com/elastic/kibana/actions/runs/25378278491 |
This was referenced May 5, 2026
Contributor
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
May 5, 2026
…om run_cypress scripts (#267684) (#267733) # Backport This will backport the following commits from `main` to `9.3`: - [chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)](#267684) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2026-05-05T13:08:17Z","message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","release_note:skip","dependencies","backport:all-open","v9.5.0"],"title":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts","number":267684,"url":"https://github.com/elastic/kibana/pull/267684","mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/267684","number":267684,"mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}}]}] BACKPORT--> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
May 5, 2026
…om run_cypress scripts (#267684) (#267732) # Backport This will backport the following commits from `main` to `9.2`: - [chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)](#267684) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2026-05-05T13:08:17Z","message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","release_note:skip","dependencies","backport:all-open","v9.5.0"],"title":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts","number":267684,"url":"https://github.com/elastic/kibana/pull/267684","mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/267684","number":267684,"mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}}]}] BACKPORT--> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co>
2 tasks
kibanamachine
added a commit
that referenced
this pull request
May 5, 2026
…om run_cypress scripts (#267684) (#267734) # Backport This will backport the following commits from `main` to `9.4`: - [chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)](#267684) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2026-05-05T13:08:17Z","message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","release_note:skip","dependencies","backport:all-open","v9.5.0"],"title":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts","number":267684,"url":"https://github.com/elastic/kibana/pull/267684","mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/267684","number":267684,"mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}}]}] BACKPORT--> Co-authored-by: Aleh Zasypkin <aleh.zasypkin@elastic.co> Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
azasypkin
added a commit
that referenced
this pull request
May 6, 2026
…rom run_cypress scripts (#267684) (#267765) # Backport This will backport the following commits from `main` to `8.19`: - [chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)](#267684) <!--- Backport version: 11.0.2 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Aleh Zasypkin","email":"aleh.zasypkin@elastic.co"},"sourceCommit":{"committedDate":"2026-05-05T13:08:17Z","message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd","branchLabelMapping":{"^v9.5.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["chore","release_note:skip","dependencies","backport:all-open","v9.5.0"],"title":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts","number":267684,"url":"https://github.com/elastic/kibana/pull/267684","mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.5.0","branchLabelMappingKey":"^v9.5.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/267684","number":267684,"mergeCommit":{"message":"chore(axios,security-engineering-productivity): remove axios from run_cypress scripts (#267684)\n\n## Summary\n\n**NOTE TO CODE OWNERS:** I'm modifying code I don't own day to day.\nPlease verify the changes still work as expected - for these migrations\na quick run of the affected scripts/tests is worth more than a code-only\nreview.\n\nThis PR removes the `axios` dependency for files owned by\n`@elastic/security-engineering-productivity`. Phase 3 of the axios\nmigration tracked under #266556.\n\n### Why\n\nNode.js 22 ships a native `fetch` API built on undici, and every browser\nKibana targets supports `fetch` natively. Removing axios cuts one\nruntime dependency and continues the per-team rollout that mirrors the\nearlier node-fetch migration\n([#250719](#250719) and siblings).\n\n### Changes\n\nThree files under\n`x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/`,\nall developer/CI scripts that spin up serverless test projects and poll\ntheir readiness:\n\n- `parallel_serverless.ts` - 5 axios calls (proxy healthcheck, ES\n`_cluster/health`, Kibana `/api/status`, ES root, Kibana login).\nReplaced with `fetch` + explicit `res.ok` check + typed `await\nres.json()`. Dropped the `.catch(catchAxiosErrorFormatAndThrow)`\nwrappers that wrapped AxiosError into FormattedAxiosError; replaced with\ninline `throw new Error('${response.status}:${await response.text()}')`\nthat preserves status+body in the error message. Folded `'Content-Type':\n'application/json'` into the module-private `API_HEADERS` constant and\nunwrapped `[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]` to a\nbare string - axios was setting Content-Type implicitly for object\nbodies and silently joining the single-element array, neither of which\nfetch does.\n- `cloud_project_handler.ts` - 4 axios calls (create project, delete\nproject, reset credentials, status poll).\n- `proxy_project_handler.ts` - same shape as `cloud_project_handler.ts`\nwith proxy-specific URLs.\n\nBoth project_handler files: catch blocks previously had an `if (error\ninstanceof AxiosError) { log status:data } else { log message }` branch;\nwith fetch the AxiosError branch is now dead, so they collapse to a\nsingle `this.log.error(${error.message})`. The thrown error's message\ncontains `${status}:${responseBody}` to preserve the same diagnostic\ncontent.\n\nThe retry callbacks' `error instanceof AxiosError && error.code ===\n'ENOTFOUND'` checks (used to log a friendlier \"URL not yet reachable\"\nmessage during DNS failures) were replaced with `(error as { cause?: {\ncode?: string } }).cause?.code === 'ENOTFOUND'` — Node fetch wraps the\nunderlying network error on `error.cause`, so DNS failures still surface\nwith `cause.code === 'ENOTFOUND'`. The one retry callback in\n`proxyHealthcheck` previously guarded its log behind `if (error\ninstanceof AxiosError)`; with fetch every error reaching that callback\nis HTTP/network-related, so the guard is dropped and the parameter\nomitted.\n\nRemoved the corresponding `run_cypress/` entries from\n`AXIOS_LEGACY_CONSUMERS` in `.eslintrc.js`. New axios usage anywhere in\nthis directory is now blocked by the existing global ban.\n\n### Behavior parity\n\n- Status-based retry decisions unchanged: `res.ok` is true exactly for\n2xx, matching axios's auto-throw on non-2xx + `error.response.status ===\n200` checks.\n- ENOTFOUND detection unchanged: fetch's wrapped `cause.code` matches\naxios's `code` for DNS failures.\n- Error log content preserved: messages still include status code and\nresponse body where the original did.\n- The `catchAxiosErrorFormatAndThrow` import (which would have required\nmigrating the `format_axios_error.ts` utility owned by\n`@elastic/security-defend-workflows`) is no longer needed; that utility\nstays as-is for its other consumers and will be migrated in a later\nphase.","sha":"cbbfb6d9139df3fcb8a07ae05b9dc484f580d6dd"}},{"url":"https://github.com/elastic/kibana/pull/267732","number":267732,"branch":"9.2","state":"OPEN"},{"url":"https://github.com/elastic/kibana/pull/267733","number":267733,"branch":"9.3","state":"OPEN"},{"url":"https://github.com/elastic/kibana/pull/267734","number":267734,"branch":"9.4","state":"OPEN"}]}] BACKPORT-->
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
NOTE TO CODE OWNERS: I'm modifying code I don't own day to day. Please verify the changes still work as expected - for these migrations a quick run of the affected scripts/tests is worth more than a code-only review.
This PR removes the
axiosdependency for files owned by@elastic/security-engineering-productivity. Phase 3 of the axios migration tracked under #266556.Why
Node.js 22 ships a native
fetchAPI built on undici, and every browser Kibana targets supportsfetchnatively. Removing axios cuts one runtime dependency and continues the per-team rollout that mirrors the earlier node-fetch migration (#250719 and siblings).Changes
Three files under
x-pack/solutions/security/plugins/security_solution/scripts/run_cypress/, all developer/CI scripts that spin up serverless test projects and poll their readiness:parallel_serverless.ts- 5 axios calls (proxy healthcheck, ES_cluster/health, Kibana/api/status, ES root, Kibana login). Replaced withfetch+ explicitres.okcheck + typedawait res.json(). Dropped the.catch(catchAxiosErrorFormatAndThrow)wrappers that wrapped AxiosError into FormattedAxiosError; replaced with inlinethrow new Error('${response.status}:${await response.text()}')that preserves status+body in the error message. Folded'Content-Type': 'application/json'into the module-privateAPI_HEADERSconstant and unwrapped[ELASTIC_HTTP_VERSION_HEADER]: [INITIAL_REST_VERSION]to a bare string - axios was setting Content-Type implicitly for object bodies and silently joining the single-element array, neither of which fetch does.cloud_project_handler.ts- 4 axios calls (create project, delete project, reset credentials, status poll).proxy_project_handler.ts- same shape ascloud_project_handler.tswith proxy-specific URLs.Both project_handler files: catch blocks previously had an
if (error instanceof AxiosError) { log status:data } else { log message }branch; with fetch the AxiosError branch is now dead, so they collapse to a singlethis.log.error(${error.message}). The thrown error's message contains${status}:${responseBody}to preserve the same diagnostic content.The retry callbacks'
error instanceof AxiosError && error.code === 'ENOTFOUND'checks (used to log a friendlier "URL not yet reachable" message during DNS failures) were replaced with(error as { cause?: { code?: string } }).cause?.code === 'ENOTFOUND'— Node fetch wraps the underlying network error onerror.cause, so DNS failures still surface withcause.code === 'ENOTFOUND'. The one retry callback inproxyHealthcheckpreviously guarded its log behindif (error instanceof AxiosError); with fetch every error reaching that callback is HTTP/network-related, so the guard is dropped and the parameter omitted.Removed the corresponding
run_cypress/entries fromAXIOS_LEGACY_CONSUMERSin.eslintrc.js. New axios usage anywhere in this directory is now blocked by the existing global ban.Behavior parity
res.okis true exactly for 2xx, matching axios's auto-throw on non-2xx +error.response.status === 200checks.cause.codematches axios'scodefor DNS failures.catchAxiosErrorFormatAndThrowimport (which would have required migrating theformat_axios_error.tsutility owned by@elastic/security-defend-workflows) is no longer needed; that utility stays as-is for its other consumers and will be migrated in a later phase.