-
Notifications
You must be signed in to change notification settings - Fork 298
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Limit the tough-cookie to 2.5 as 3.x removes node 0.10 support #299
Conversation
1 similar comment
Just a note that the latest tough-cookie version also drops node 6 which is not yet EOL. This bump to 3.0.0 should probably have been a breaking change in |
Hey @aomdoa @jrjohnson quick question: My assumption is that |
I'm using neither tough-cookie or resolve-promise directly. My chain looks like
The issue is that a breaking change of |
Thank you very much @jrjohnson ! That makes sense. Well, ideally To ensure that even possible edge cases are gone once you install the next release that I’ll do shortly, please check afterwards that |
|
Thanks @analog-nico! I agree that I could have avoided this (and did in the end) by just not updating my lock file so this transitive dependency update didn't hit my app. I'll check what is being installed when I next update. Would you like me to submit a PR that updates tough-cookies to the 3.0 series so it can be released here as a breaking 5.0? |
Thanks again for your input @jrjohnson ! No need for a PR. Thanks. The important point here is that |
Latest tough-cookie does not have node 0.10 support. Update the package.json to limit to the 2.5 version.