Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace psl dependency with tldts #338

Closed
isaacl opened this issue Dec 4, 2023 · 9 comments · Fixed by #346
Closed

Replace psl dependency with tldts #338

isaacl opened this issue Dec 4, 2023 · 9 comments · Fixed by #346

Comments

@isaacl
Copy link

isaacl commented Dec 4, 2023

The psl project seems to be dead.

It's generating a punycode deprecation warning despite an 18mo old open pull request fixing this issue. tough-cookie incurs a serious performance bottleneck due to its use of psl.

tldts is active, and much, much more performant.

Can you fix this, please?
@isaacl isaacl mentioned this issue Dec 5, 2023
Closed
colincasey added a commit that referenced this issue Dec 13, 2023
@colincasey
Replace psl with tldts
923ce7c 
One of the topics that came up in discussions for v5 was considering replacements for `psl` (see #255). This PR replaces that library with `tldts` which is more performant.

Fixes #239
Fixes #338
@colincasey colincasey mentioned this issue Dec 13, 2023
Merged
@colincasey
Copy link
Contributor

Thanks for opening this issue @isaacl. We have discussed a replacement for psl and tldts look decent.

@wjhsf wjhsf mentioned this issue Dec 20, 2023
Closed
@wjhsf wjhsf mentioned this issue Jan 2, 2024
Closed
wjhsf pushed a commit that referenced this issue Feb 8, 2024
@pozil @Templarian
feat: toastContainer stub (#338)
05ea165 
* feat: toastContainer stub

* Update src/lightning-stubs/toastContainer/toastContainer.js

Co-authored-by: Austin Andrews <admin@templarian.com>

* Update toastContainer.js

Removed unused `config` var to avoid linting error.

---------

Co-authored-by: Austin Andrews <admin@templarian.com>
@obecker
Copy link

obecker commented Apr 8, 2024

@colincasey I think you should consider also removing "@types/psl": "^1.1.3" from the devDependencies.

@obecker obecker mentioned this issue Apr 8, 2024
Closed
@colincasey colincasey mentioned this issue Apr 9, 2024
Merged
@colincasey
Copy link
Contributor

Thanks for calling that out @obecker. It will be removed with #406.

@skagedal
Copy link

skagedal commented May 2, 2024

Thank you for this fix! It seems it didn't make it into the 4.1.4 release. Will there be a new release soon?

@colincasey
Copy link
Contributor

@skagedal this won't be backported to 4.1.4. It's only available in our v5 release candidate for now (5.0.0-rc.1).

The upcoming v5 release is primarily an internal uplift that includes TypeScript support and improved documentation so it should be a seamless upgrade but feel free to try out the release candidate ahead of time and report any issues 😄

@skagedal
Copy link

skagedal commented May 3, 2024

Ah, thanks, I had missed that release candidate! I tested it out in our project and indeed, PSL is now gone along with those particular punycode warnings. Good work.

@shioju shioju mentioned this issue May 13, 2024
Closed
6 tasks
@TimJohns TimJohns mentioned this issue Jun 13, 2024
Closed
This was referenced Jun 29, 2024
Closed
Closed
@boehs boehs mentioned this issue Jul 16, 2024
Closed
@iambumblehead
Copy link

the punycode warning for the last year or so is very annoying

@JessicaSachs
Copy link

Hey, I wrote a bit of a book here for others to find. Please feel free to reference it as people complain about trying to suppress the warning from punycode.

@skagedal this won't be backported to 4.1.4. It's only available in our v5 release candidate for now (5.0.0-rc.1).

The upcoming v5 release is primarily an internal uplift that includes TypeScript support and improved documentation so it should be a seamless upgrade but feel free to try out the release candidate ahead of time and report any issues 😄

The 5.0.0-rc.1 release doesn't seem to remove the dependency on punycode BUT THE 5.0.0-rc.4 version does.

Steps to override transitive tough-cookie deps to use 5.0.0-rc.4

If you have a dependency on tough-cookie from a test-only package like jsdom or msw, here's how you override the dependency to fall through to tough-cookie's pre-release version. I suggest doing a fine-grained control to scope overrides to the build-only or test-only packages where your changes are more-or-less guaranteed to be harmless.

1. Find the deps (npm ls punycode)

Detect where the transitive dep is from using npm ls punycode. If you're using msw (v2.3.5 at time of writing), it depends on tough-cookie. You'll see something like this output when running npm ls punycode.

Screenshot 2024-09-05 at 6 19 05 PM

2. Trash your lockfiles and node_modules

3. Setup overrides in package.json

Start forcing resolutions using npm overrides. I suggest doing this in a way that you're sure is safe for your codebase. You can just say "tough-cookie": "5.0.0-rc.4" but I wouldn't risk using an rc version in production without significant testing.

Example fixed package.json:

{
  "dependencies": {
    "msw": "latest"
  },
  "overrides": {
    "msw": {
      "tough-cookie": "5.0.0-rc.4"
    }
  }
}

4. npm install

If you do it right:

  • npm ls punycode should come up empty
Screenshot 2024-09-05 at 6 40 17 PM
  • looking in your node_modules for tough-cookie should show the proper version number.
Screenshot 2024-09-05 at 6 40 01 PM

Other package managers:

@MikeMcC399
Copy link

@JessicaSachs

I'm seeing tough-cookie@5.0.0 now released.

@wjhsf wjhsf mentioned this issue Sep 16, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Replace psl with tldts salesforce/tough-cookie
7 participants
@colincasey @obecker @isaacl @skagedal @iambumblehead @JessicaSachs @MikeMcC399