Fixed Issues

• [eslint-config] Correct formatting in ESLint flat-config (330230c)

Compatibility Notes

• [connectivity] Update @sap/xssec to version 4.12.2 with changed XSUAA URL behavior.
  When fetching XSUAA tokens with zone ID (multi-tenant scenarios), xssec now uses the base domain without a tenant subdomain prefix. (02d1302)

New Features

• [openapi, openapi-generator] Support request bodies with content type "multipart/form-data". (3b95c42)
• [openapi-generator] Allow OpenAPI version 3.1. style "type": "null" schemas. OpenAPI version 3.1. support is limited. (007541a)

Improvements

• [connectivity] Allow passing a service binding directly through DestinationFromServiceBindingOptions instead of looking it up by name. (962cdcb)
• [http-client] Add signal property to CustomRequestConfig and HttpRequestConfigBase type definition to document AbortSignal support for cancelling HTTP requests. (cbed72f)
• [http-client] Add request compression middleware.
  Use the compress() middleware to compress HTTP request payloads using gzip, brotli, deflate, or zstd algorithms.
  Supports multiple compression modes: auto (size-based), passthrough (pre-compressed), or forced compression. (f5715de)

New Features

• [connectivity] Support IAS (App-to-App) authentication. Use transformServiceBindingToDestination() function or getDestinationFromServiceBinding() function to create a destination targeting an IAS application. (d444438)

Improvements

• [eslint-config] Open the peer dependency range of the eslint module to include version 8 and 9. Version 9 can now be used without the potentially unsafe npm flag --legacy-peer-deps. (6431463)

New Features

• [connectivity] Support certificates in JKS format for ClientCertificateAuthentication. (ab96aff)

New Features

• [generator, generator-common] Introduce option generateESM in OData generator to generate ESM compatible code. (c73c7fa)

Fixed Issues

• [openapi] Fix missing type: module in generated package.json when --generateESM option is enabled. (e09754a)
• [openapi-generator] Improve the handling of arrays of enums (f17ca59)

Fixed Issues

• [connectivity, http-client, openapi, resilience, util] Update axios to 1.12.2 to fix vulnerability to DoS attack. Refer here for more details. (011b841)

Fixed Issues

• [connectivity, http-client, openapi, resilience, util] Update axios to 1.11.0 to use non-vulnerable version of form-data. (b502b40)

Compatibility Notes

• [connectivity] The getDestinationFromDestinationService() function no longer verifies the incoming XSUAA JWT against the application's bound XSUAA instance. Consequently, the cacheVerificationKeys option is now deprecated and has no effect. (3c19ffa)

Improvements

• [connectivity] Remove dependency on XSUAA service binding while retrieving destinations using getDestinationFromDestinationService() and getAllDestinationsFromDestinationService() functions. (3c19ffa)

Fixed Issues

• [connectivity] Remove destination cache in getDestinationFromServiceBinding() function to let cached destinations retrieved in getDestinationFromDestinationService() function be added with the proxyConfiguration property.
  • @sap-cloud-sdk/[email protected]
  • @sap-cloud-sdk/[email protected] (4a187d6)