fix(deps): update dependency got to v11 [security] #289
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
^10.7.0
->^11.0.0
Test plan: CI should pass with updated dependencies. No review required: this is an automated dependency update PR.
GitHub Vulnerability Alerts
CVE-2022-33987
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
Release Notes
sindresorhus/got (got)
v11.8.5
Compare Source
v11.8.3
Compare Source
9463bb6
HTTPError
missing.code
property (#1739)0e167b8
v11.8.2
Compare Source
dnsCache
option lazy (#1529)3bd245f
This slightly improves Got startup performance and fixes an issue with Jest.
v11.8.1
Compare Source
4c815c3
v11.8.0
Compare Source
0
onstat
(#1488)7acd380
beforeRetry
allows stream body if different from original (#1501)3dd2273
390b145
v11.7.0
Compare Source
Improvements
pfx
HTTPS option (#1364)c33df7f
body
afterbeforeRequest
(#1453)e1c1844
7bc69d9
Fixes
88b32ea
promise.json()
c97ce7c
52de13b
v11.6.2
Compare Source
Bug fixes
prefixUrl
option from parent if it'sundefined
(#1448)a3da70a
29d4e32
c126ff1
Docs
2b352d3
f248618
RequestError
links3ed4af6
Tests
27470b5
v11.6.1
Compare Source
Fixes
options.port
on redirect (#1439)408e22a
Meta
5031843
d12d6af
v11.6.0
Compare Source
Improvements
retry
stream event (#1384)7072198
http-cache-semantics
options2e2295f
CancelError
inheritRequestError
1f132e8
retryAfter
toRetryObject
643a305
eaf1e02
cacheOptions
property9c16d90
Bug fixes
6e1aeae
Docs
f7bbc37
CancelError
docs28c400f
README
(#1425)38bbb04
v11.5.2
Compare Source
Docs
a3e171c
request
migration guide (#1387)a748343
9a309bd
Bug fixes
e02845f
dnsCache: true
having no effect043c950
v11.5.1
Compare Source
Enhancements
http2-wrapper
to1.0.0-beta.5.0
16e7f03
f7a1379
61d6f61
Bug fixes
2d96679
1ef053d
Docs
readme.md
4ebd26a
bd2d532
c833939
559526e
4083347
v11.5.0
Compare Source
Improvements
backoff
option to pagination (#1182)4be7446
b9a855d
476c026
8d697bc
b51d836
Fixes
676be6d
ac5f67d
response
event not being emitted on cache verify request (#1305)da4769e
f33e8bc
e1afe82
aeb2e07
Docs
beforeRequest
hook779062a
044767e
v11.4.0
Compare Source
934211f
7dcd145
5028c11
04f3ea4
The server aborted pending request
rejection728aef9
ECONNRESET
code to an abort errord325d35
prefixUrl
not working when theurl
argument is empty8d3412a
searchParams
option4dbada9
8f775c7
v11.3.0
Compare Source
https
options (#1304)c98f0d7
cb4da8d
dnsLookupIpVersion
option (#1264)7f643bb
v11.2.0
Compare Source
responseType
(#1276)b9ba18a
beforeRequest
hook (#1293)d8c00cf
2ccc4c2
ready
event if the file descriptor is already opened (#1289)2c8fe19
697de37
v11.1.4
Compare Source
3f125f1
cacheable-lookup
to 5.0.39770e54
48bbb36
options.rejectUnauthorized
in the documentation9b04963
responseType
set toundefined
0e8582f
6f84051
got.paginate()
an alias forgot.paginate.each()
5480b31
761b8e0
decompress-response
to6.0.0
c2bc014
lolex
to@sinonjs/fake-timers
(#1270)df333dd
calculateDelay
promisable (#1266)3745efc
v11.1.3
Compare Source
request.abort()
(#1242)ab338a7
host
header on redirect (#1241)8ff71d9
7dbb9ee
91aa0ac
searchParams
in merge (#1208)7d7361c
8862270
47c1afe
5131dc2
v11.1.2
Compare Source
Bug fixes
options.dnsCache
by default79507c2
Enhancements
822bfa7
05ff878
v11.1.1
Compare Source
50ef99a
got.mergeOptions()
regression157e02b
7b19e8f
options.responseType
optional when using a template9ed0a39
v11.1.0
Compare Source
pagination.stackAllItems
option (#1214)c1208d1
c127f5b
278c421
v11.0.3
Compare Source
Fixes
4344c3a
b927e2d
options.searchParams
duplicates429db40
.abort()
on a destroyed request63c1b72
Docs
16ff82f
cache
anddnsCache
can befalse
7c5290d
v11.0.2
Compare Source
response.statusMessage
being null965bd03
http2-wrapper
dependency to1.0.0-beta.4.4
4e8de8e
Merge
as it's stricter than the intersection operatord3b972e
8501c69
options.body
835c70b
v11.0.1
Compare Source
Fixed two regressions:
HTTPError
s have unspecified response body (#1162)Improved TypeScript types for errors inherited from
RequestError
v11.0.0
Compare Source
Introducing Got 11! 🎉 The last major version was in December last year. ❄️ Since then, a huge amount of bugs has been fixed. There are also many new features, for example, HTTP2 support is finally live! 🌐
If you find Got useful, you might want to sponsor the Got maintainers.
Breaking changes
Removed support for
electron.net
Due to the inconsistencies between the Electron's
net
module and the Node.jshttp
module, we have decided to officially drop support for it. Therefore, theuseElectronNet
option has been removed.You'll still be able to use Got in the Electron main process and in the renderer process through the
electron.remote
module or if you use Node.js shims.The Pagination API is now stable
We haven't seen any bugs yet, so please give it a try!
If you want to leave some feedback, you can do it here. Any suggestion is greatly appreciated!
API
options.encoding
behavior has been reverted back to the Got 9 behavior.In other words, the options is only meant for the Got promise API.
To set the encoding for streams, simply call
stream.setEncoding(encoding)
.GotError
has been renamed toRequestError
for better readability and to comply with the documentation.agent
option now accepts only an object withhttp
,https
andhttp2
properties.While the
http
andhttps
properties accept nativehttp(s).Agent
instances, thehttp2
property must be an instance ofhttp2wrapper.Agent
or be undefined.dnsCache
option is now set to a default instance ofCacheableLookup
. It cannot be aMap
-like instance anymore. The underlyingcacheable-lookup
package has received many improvements, for example, it has receivedhosts
file support! Additionally, thecacheAdapter
option has been renamed tocache
. Note that it's no longer passed to Keyv, so you need to pass a Keyv instance it if you want to save the data for later.init
hooks will be converted to instances ofRequestError
.RequestError
s provide much more useful information, for example, you can access the Got options (througherror.options
), which is very useful when debugging.init
hook may not have aurl
property. To modify the request URL you should use abeforeRequest
hook instead.Note that this example shows a simple use case. In more complicated algorithms, you need to split the
init
hook into anotherinit
hook and abeforeRequest
hook.error.request
property is no longer aClientRequest
instance. Instead, it gives a Got stream, which provides a set of useful properties.Renamed TypeScript types
Some of the TypeScript types have been renamed to improve the readability:
ResponseObject
Response
Defaults
InstanceDefaults
DefaultOptions
Defaults
DefaultRetryOptions
RequiredRetryOptions
GotOptions
Options
GotRequestMethod
GotRequestFunction
Other
Enhancements
HTTP2 support is here! Excited? Yay! Unfortunately, it's off by default to make the migration smoother. Many Got users have set up their own Agents and we didn't want to break them. But fear no more, it will come enabled by default in Got 12.
merge
function is slow (#1016)error.code
instead oferror.message
to compare errors (#981)init
hook tobeforeError
hook (#929)+
in query strings (#1113)got.stream(...)
(#1129)error.request
a Got stream (af0b147
).Known bugs
timings
may indicate that the request was successful although it failed.downloadProgress
object may show incorrect data.Bug fixes
beforeRequest
hooks aren't called on redirects (#994)stream.pipeline(got.stream(...), ...)
(#1026)cache
along with thebody
option (#1021)got.mergeOptions(...)
doesn't mergeURLSearchParams
instances (#1011)authorization
header is leaking (#1090)resolveBodyOnly
option (#1140)beforeRetry
hooks are missingoptions.context
(#1141)promise.json()
doesn't throwParseError
(#1069)[email protected]
(#1131)cache
option in a Got instance (#1098)cache
(#1128)All changes
Configuration
📅 Schedule: Branch creation - "" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.