Skip to content
This repository has been archived by the owner on Nov 28, 2022. It is now read-only.

Bump node-fetch from 2.0.0-alpha.9 to 2.6.0 #280

Merged
merged 4 commits into from
Nov 22, 2019

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps node-fetch from 2.0.0-alpha.9 to 2.6.0.

Release notes

Sourced from node-fetch's releases.

v2.6.0

See CHANGELOG.

v2.5.0

See CHANGELOG.

v2.4.1

See CHANGELOG.

v2.4.0

See CHANGELOG.

v2.3.0

See CHANGELOG.

v2.2.1

See CHANGELOG.

Version 2.1.2

  • Fix: allow Body methods to work on ArrayBuffer-backed Body` objects
  • Fix: reject promise returned by Body methods when the accumulated Buffer exceeds the maximum size
  • Fix: support custom Host headers with any casing
  • Fix: support importing fetch() from TypeScript in browser.js
  • Fix: handle the redirect response body properly

See CHANGELOG.

Version 2.1.1

See CHANGELOG.

Fix packaging errors in version 2.1.0.

Version 2.1.0

See CHANGELOG:

  • Enhance: allow using ArrayBuffer as the body of a fetch() or Request
  • Fix: store HTTP headers of a Headers object internally with the given case, for compatibility with older servers that incorrectly treated header names in a case-sensitive manner
  • Fix: silently ignore invalid HTTP headers
  • Fix: handle HTTP redirect responses without a Location header just like non-redirect responses
  • Fix: include bodies when following a redirection when appropriate

Version 2.0.0

This is a major release. See upgrade guide on how to upgrade from v1.x, and the changelog for all changes.

Changelog

Sourced from node-fetch's changelog.

v2.6.0

  • Enhance: options.agent, it now accepts a function that returns custom http(s).Agent instance based on current URL, see readme for more information.
  • Fix: incorrect Content-Length was returned for stream body in 2.5.0 release; note that node-fetch doesn't calculate content length for stream body.
  • Fix: Response.url should return empty string instead of null by default.

v2.5.0

  • Enhance: Response object now includes redirected property.
  • Enhance: fetch() now accepts third-party Blob implementation as body.
  • Other: disable package-lock.json generation as we never commit them.
  • Other: dev dependency update.
  • Other: readme update.

v2.4.1

  • Fix: Blob import rule for node < 10, as Readable isn't a named export.

v2.4.0

  • Enhance: added Brotli compression support (using node's zlib).
  • Enhance: updated Blob implementation per spec.
  • Fix: set content type automatically for URLSearchParams.
  • Fix: Headers now reject empty header names.
  • Fix: test cases, as node 12+ no longer accepts invalid header response.

v2.3.0

  • Enhance: added AbortSignal support, with README example.
  • Enhance: handle invalid Location header during redirect by rejecting them explicitly with FetchError.
  • Fix: update browser.js to support react-native environment, where self isn't available globally.

v2.2.1

  • Fix: compress flag shouldn't overwrite existing Accept-Encoding header.
  • Fix: multiple import rules, where PassThrough etc. doesn't have a named export when using node <10 and --exerimental-modules flag.
  • Other: Better README.

v2.2.0

  • Enhance: Support all ArrayBuffer view types
  • Enhance: Support Web Workers
  • Enhance: Support Node.js' --experimental-modules mode; deprecate .es.js file
  • Fix: Add __esModule property to the exports object
  • Other: Better example in README for writing response to a file
  • Other: More tests for Agent

v2.1.2

  • Fix: allow Body methods to work on ArrayBuffer-backed Body objects
... (truncated)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@dependabot-preview dependabot-preview bot added the scope:dependency Pull requests that update a dependency file label Aug 19, 2019
@dependabot-preview dependabot-preview bot requested a review from erunion August 19, 2019 12:27
@erunion erunion force-pushed the dependabot/npm_and_yarn/node-fetch-2.6.0 branch from 13c0473 to b32e92f Compare August 26, 2019 18:28
expect((await parseResponse(har, new Response(responseBody))).type).toEqual(null);
test('should autodetect a content-type if content-type header missing', async () => {
expect((await parseResponse(har, new Response(responseBody))).type).toEqual(
'text/plain;charset=UTF-8',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

node-fetch now defaults to doing auto-detection on response bodies, so a null content type should never be returned here in our test case.

@erunion
Copy link
Member

erunion commented Aug 26, 2019

@domharrington @kanadgupta Can yall take a look at this? There are a few major changes in node-fetch where it'll no longer return a null content type header, so I had to update some test expectations to account for this.

@erunion
Copy link
Member

erunion commented Sep 5, 2019

@dependabot rebase

@dependabot-preview
Copy link
Contributor Author

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

Copy link
Member

@domharrington domharrington left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a look a this just now, and the only places i can see .type being used are here:

result.type && contentTypeIsJson(result.type) && typeof result.responseBody === 'object';

and here:

{syntaxHighlighter(result.responseBody, result.type)}

I wonder if passing 'text/plain;charset=UTF-8' into the syntax-highligher will work?

@domharrington
Copy link
Member

Looking at our code for this, if someone returns JSON but no content-type, then we'll render with no syntax highlighting. I'm not sure if that's the same as now, or whether this will be a regression.

const contentType = response.headers.get('Content-Type');
const isJson = contentType && contentTypeIsJson(contentType);
// We have to clone it before reading, just incase
// we cannot parse it as JSON later, then we can
// re-read again as plain text
const clonedResponse = response.clone();
let responseBody;
try {
responseBody = await response[isJson ? 'json' : 'text']();
} catch (e) {
responseBody = await clonedResponse.text();
}

@erunion
Copy link
Member

erunion commented Oct 5, 2019

@domharrington Ignoring that this is actually HTML, but syntax-highlighter can render text/plain;charset=UTF-8 just fine.

Screen Shot 2019-10-05 at 11 33 41 AM

So if we don't get back a content type now, node-fetch defaulting to that should be fine.

@erunion erunion merged commit d7e826f into master Nov 22, 2019
@erunion erunion deleted the dependabot/npm_and_yarn/node-fetch-2.6.0 branch November 22, 2019 17:23
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
scope:dependency Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants