v0.103.0: Removal of axios

The api.axios library has been removed from the backend scripting API.

Scripts that attempt to use api.axios will now throw an error with migration instructions.

Reasoning#

Axios was marked as deprecated at least since April 2024 in favor of the native fetch() API, which is available in both browser and Node.js environments. After two years of deprecation, the library was removed following the March 2026 npm supply chain compromise, where attackers published malicious versions that deployed a remote access trojan. The Trilium's main developer almost got compromised, but pnpm not trusting unknown post-install scripts successfully avoided that.

Migration#

Replace api.axios calls with the native fetch() API.

`GET` calls#

Before (Axios):

const response = await api.axios.get('https://api.example.com/data');
const data = response.data;

After (fetch):

const response = await fetch('https://api.example.com/data');
const data = await response.json();

`POST` calls#

Before (Axios):

await api.axios.post('https://api.example.com/data', { key: 'value' });

After (fetch):

await fetch('https://api.example.com/data', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({ key: 'value' })
});

v0.103.0: Removal of axios

Reasoning#

Migration#

GET calls#

POST calls#

On This Page

`GET` calls#

`POST` calls#