Skip to content

fix: cleanup deps, fix bugs, restore CustomRequest & voucher charge#203

Open
knofte wants to merge 1 commit intoFlutterwave:masterfrom
knofte:fix/housekeeping-and-bug-fixes
Open

fix: cleanup deps, fix bugs, restore CustomRequest & voucher charge#203
knofte wants to merge 1 commit intoFlutterwave:masterfrom
knofte:fix/housekeeping-and-bug-fixes

Conversation

@knofte
Copy link

@knofte knofte commented Feb 25, 2026

Summary

A combined housekeeping + bug fix PR addressing several open issues and long-standing problems:

1. Remove unused production dependencies

  • Removed from dependencies: axios, q, bluebird, chai-as-promised-also-chain
  • Moved to devDependencies: eslint-config-prettier, bluebird
  • The codebase already uses native fetchaxios was only referenced in commented-out code
  • Removes var q = require('q') from rave.base.js (imported but never used)
  • Fixes flutterwave cloudflare error because of use of axios #168 — removing axios resolves Cloudflare Workers XMLHttpRequest incompatibility

2. Fix repository URLs in package.json

  • URLs pointed to Flutterwave-node-v3 (old repo name) instead of Node-v3
  • Affects npm page links for repository, issues, and homepage

3. Bump node-forge from 1.3.2 to ^1.3.3

  • Security fix (CVE-2024-26458 — prototype pollution in ASN.1 parsing)
  • node-forge is used for 3DES-ECB encryption of card payment data

4. Remove .DS_Store from repo, add to .gitignore

5. Restore CustomRequest feature (fixes #117)

  • rave.custom.js and services/rave.custom.request.js were entirely commented out
  • Rewritten using the modern async/await + _rave.request() pattern (no q/morx dependencies)
  • Usage: flw.CustomRequest.custom('/v3/some-endpoint', data)

6. Restore voucher charge service

  • services/charge/rave.voucher.js was entirely commented out, but lib/rave.charge.js still required and exported it
  • Calling flw.Charge.voucher(data) threw TypeError: voucher_charge is not a function
  • Rewritten using the modern pattern matching other charge services (ussd, ach, etc.)

7. Fix operator precedence bug in rave.base.js

// BEFORE (broken):
var requestMethod = RaveUtils.initDefaultValue(payload.method, 'POST' || 'PUT');
//                                              'POST' || 'PUT' always evaluates to 'POST'

var datakey = requestMethod == 'POST' || 'PUT' ? 'body' : 'qs';
//            (requestMethod == 'POST') || 'PUT' is always truthy

// AFTER (fixed):
var requestMethod = RaveUtils.initDefaultValue(payload.method, 'POST');
var datakey = (requestMethod === 'POST' || requestMethod === 'PUT') ? 'body' : 'qs';

8. Fix broken anchor link in documentation/transactions.md

  • "Verify transaction with reference" linked to #verify-transaction instead of #verify-transaction-with-reference

Test plan

  • Verify npm install works with reduced dependency set
  • Verify existing charge services (card, ussd, bank_transfer) still work
  • Test flw.Charge.voucher(data) with voucher payment data
  • Test flw.CustomRequest.custom(path, data) with a valid API path
  • Verify in Cloudflare Workers environment (no more XMLHttpRequest error)

@knofte
fix: cleanup unused deps, fix bugs, restore commented-out features
4b541f7 
1. Remove unused production dependencies (axios, q, bluebird,
   chai-as-promised-also-chain); move eslint-config-prettier to
   devDependencies. Removes axios entirely — the codebase already
   uses native fetch. Fixes Flutterwave#168 (Cloudflare Workers compatibility).

2. Fix repository URLs in package.json — pointed to the old
   Flutterwave-node-v3 repo instead of the current Node-v3.

3. Bump node-forge from pinned 1.3.2 to ^1.3.3 (security fix).

4. Remove committed .DS_Store and add it to .gitignore.

5. Restore CustomRequest feature (fixes Flutterwave#117) — uncommented and
   modernized to use async/await with the existing _rave.request()
   pattern instead of the old q/morx dependencies.

6. Restore voucher charge service — was entirely commented out,
   causing Charge.voucher() to throw TypeError. Rewritten using
   the modern async/await pattern matching other charge services.

7. Fix operator precedence bug in rave.base.js:
   - `'POST' || 'PUT'` always evaluates to 'POST' (dead code)
   - `requestMethod == 'POST' || 'PUT'` always truthy ('PUT' is truthy)
   - Fixed to proper `requestMethod === 'POST' || requestMethod === 'PUT'`
   - Also: `datakey == 'body' ? true : false` simplified to `datakey === 'body'`
   - Removed unused `var q = require('q')` import

8. Fix broken anchor link in documentation/transactions.md —
   "Verify transaction with reference" linked to #verify-transaction
   instead of #verify-transaction-with-reference.
@knofte
Copy link
Author

knofte commented Feb 25, 2026

@corneliusyaovi for your checks - let me know if you need help with anything else in this SDK.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

flutterwave cloudflare error because of use of axios The CustomRequest property on the flutterwave object is commented out

1 participant

@knofte