Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump got from 11.8.2 to 12.0.0 #401

Closed
wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 4, 2022

Bumps got from 11.8.2 to 12.0.0.

Release notes

Sourced from got's releases.

v12.0.0

Introducing Got v12.0.0 🎉

Long time no see! The latest Got version (v11.8.2) was released just in February ❄️ We have been working hard on squashing bugs and improving overall experience.

If you find Got useful, you might want to sponsor the Got maintainers.

This package is now pure ESM

Please read this. Also see sindresorhus/got#1789.

  • Please don't open issues about [ERR_REQUIRE_ESM] and Must use import to load ES Module errors. This is a problem with your setup, not Got.
  • Please don't open issues about using Got with Jest. Jest does not fully support ESM.
  • Pretty much any problem with loading this package is a problem with your bundler, test framework, etc, not Got.
  • If you use TypeScript, you will want to stay on Got v11 until TypeScript 4.6 is out. Why.
  • If you use a bundler, make sure it supports ESM and that you have correctly configured it for ESM.
  • The Got issue tracker is not a support channel for your favorite build/bundler tool.

Required Node.js >=14

While working with streams, we encountered more Node.js bugs that needed workarounds. In order to keep our code clean, we had to drop Node.js v12 as the code would get more messy. We strongly recommend that you update Node.js to v14 LTS.

HTTP/2 support

Every Node.js release, the native http2 module gets more stable. Unfortunately there are still some issues on the Node.js side, so we decided to keep HTTP/2 disabled for now. We may enable it by default in Got v13. It is still possible to turn it on via the http2 option.

To run HTTP/2 requests, it is required to use Node.js v15.10 or above.

Bug fixes

Woah, we possibly couldn't make a release if we didn't fix some bugs!

  • Do not throw on custom stack traces (#1491) 49c16ee54fb19ea7aa77e24ac8c2b602f0aad265
  • Remove automatic content-length on ReadStream (#1510) 472b8ef9d9fc7713b740981a8b1103a7a9111b26
  • Fix promise shortcuts in case of error status code (#1543) ff918fb6dedb6d8b23421497ec890d43f45121b7 1107cc625e4cc469276483316c48896a21f6251a
  • Invert the methodRewriting option 51d88a0efed56760d116c5b911cea71e3265c787
  • Fix url not being reused on retry in rare case (#1487) 462bc630015064fa4ad4358cf28d24f95e1c958b
  • Fix hanging promise on HTTP/2 timeout (#1492) a59fac415ac013a48b1d514837628a5cf81d6878
  • Prevent uncaught ParseErrors on initial successful response (#1527) 77df9c33db5ba3126f54317171e1cfcfceefc3d5
  • Throw an error when retrying with consumed body (#1507) 62305d77d3428b5c714d21b4bbee68cc75b5f787
  • Fix a Node.js 16 bug that hangs Got streams 06a2d3d7d8d4fcc6898b6364d1a18ca1d407092b
  • Fix default pagination handling for empty Link header (#1768) 1e1e50647e93d038a4cc6a9bbbfbf61165d8fd39
  • Fix incorrect response.complete when using cache 9e15d887da3b065940bbc8ca38f9c748a0bbc75e
  • Fix Cannot call end error when request returns a Writable 226cc3995f6e16938163ebde24d8762e7dcd15e2
  • Fix Request options not being reused on retry 3c23eea5a096f6f8ea0edf3e2a27e1caca88acf9

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [got](https://github.com/sindresorhus/got) from 11.8.2 to 12.0.0.
- [Release notes](https://github.com/sindresorhus/got/releases)
- [Commits](sindresorhus/got@v11.8.2...v12.0.0)

---
updated-dependencies:
- dependency-name: got
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 4, 2022
@christian-hawk
Copy link
Contributor

Can one of the admins verify this patch?

@christian-hawk
Copy link
Contributor

@dependabot rebase

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 7, 2022

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@sonarcloud
Copy link

sonarcloud bot commented Jan 7, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@christian-hawk
Copy link
Contributor

@kdhttps can you check? According to test:

Instead rename index.js to end in .cjs, change the requiring code to use import(), or remove "type": "module" from /home/runner/work/gluu-passport/gluu-passport/node_modules/got/package.json.

@christian-hawk christian-hawk removed their request for review January 8, 2022 14:36
@kdhttps
Copy link
Contributor

kdhttps commented Jan 10, 2022

@kdhttps can you check? According to test:

Instead rename index.js to end in .cjs, change the requiring code to use import(), or remove "type": "module" from /home/runner/work/gluu-passport/gluu-passport/node_modules/got/package.json.

@christian-hawk mate, I dug into it. It will be a big change. ESM stands for ECMAScript Modules. Which uses import and export module syntax which is not supported by CommonJS i.e. default node setup. So the big change is we have to use this ECMAScript syntax in the whole project. we can not use require at someplace and import at someplace. we have to choose one. Actually, we have no choice here. If we want to use the latest got then we need to use ESM in our whole project.

StackOverflow issue details. Please share your thoughts!

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 10, 2022

A newer version of got exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@christian-hawk
Copy link
Contributor

christian-hawk commented Jan 15, 2022

@kdhttps can you check? According to test:

Instead rename index.js to end in .cjs, change the requiring code to use import(), or remove "type": "module" from /home/runner/work/gluu-passport/gluu-passport/node_modules/got/package.json.

@christian-hawk mate, I dug into it. It will be a big change. ESM stands for ECMAScript Modules. Which uses import and export module syntax which is not supported by CommonJS i.e. default node setup. So the big change is we have to use this ECMAScript syntax in the whole project. we can not use require at someplace and import at someplace. we have to choose one. Actually, we have no choice here. If we want to use the latest got then we need to use ESM in our whole project.

StackOverflow issue details. Please share your thoughts!

Here is a more proper issue on got repo: sindresorhus/got#1789

so there is an await import('got') workaround. Anyway it looks like ESM is the future, supported from node 12, and modules are using it (node-fetch, got, and others). So, I understand we should:

  • Try await import workaround
  • Open issue to upgrade to ESM imports.

What do you think @kdhttps ?

@kdhttps
Copy link
Contributor

kdhttps commented Jan 17, 2022

@christian-hawk mate agreed but to use await import workaround is not really straightforward. We have to use a second technique, In this issue sindresorhus/got#1789 which is wrapped-got.js. Please let me know to proceed with this or not?

Opened Issue to upgrade ESM #409

@kdhttps
Copy link
Contributor

kdhttps commented Aug 29, 2024

@dependabot rebase

Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 29, 2024

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@kdhttps
Copy link
Contributor

kdhttps commented Aug 29, 2024

@dependabot recreate

Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 29, 2024

Superseded by #562.

@dependabot dependabot bot closed this Aug 29, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/got-12.0.0 branch August 29, 2024 14:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants