Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upFeature/4171 depd #4174
Feature/4171 depd #4174
Conversation
Related #4171
Related #4171
Related #4171
Related #4171
| @@ -33,9 +33,9 @@ | |||
| "content-disposition": "0.5.3", | |||
| "content-type": "~1.0.4", | |||
| "cookie": "0.4.0", | |||
| "cookie-signature": "1.0.6", | |||
| "cookie-signature": "1.1.0", | |||
dougwilson
Feb 5, 2020
Member
This will create a confusing warning for users that says cookie-signature@1.1.0: wanted: {"node":">=6.6.0"} (current: {"node":"1.8.4","npm":"2.9.0"}) but will also fail to install Express when they have strict engine set.
This will create a confusing warning for users that says cookie-signature@1.1.0: wanted: {"node":">=6.6.0"} (current: {"node":"1.8.4","npm":"2.9.0"}) but will also fail to install Express when they have strict engine set.
dougwilson
Feb 5, 2020
Member
Yea, it will likely need to be held for 5.0
Yea, it will likely need to be held for 5.0
Suggest by @dougwilson at #4174
| "debug": "2.6.9", | ||
| "depd": "~1.1.2", | ||
| "depd": "~2.0.0", |
dougwilson
Feb 5, 2020
Member
We want to make sure this doesn't cause duplicate depd stances within the install tree. I haven't checked if any of our other sub deps use depd, but you'll want to check that out, and then "bubble up" the dependency updated into this repo so we keep our install tree small.
We want to make sure this doesn't cause duplicate depd stances within the install tree. I haven't checked if any of our other sub deps use depd, but you'll want to check that out, and then "bubble up" the dependency updated into this repo so we keep our install tree small.
UlisesGascon
Feb 5, 2020
Author
Member
😅 Yes! You are right. Let's move it for 5.0
├─┬ cookie-session@1.3.3
│ ├─┬ cookies@0.7.3
│ │ ├── depd@1.1.2
├─┬ multiparty@4.2.1
│ ├─┬ fd-slicer@1.1.0
│ │ └── pend@1.2.0
│ ├─┬ http-errors@1.7.3
│ │ ├── depd@1.1.2
├─┬ send@0.17.1
│ ├── depd@1.1.2
│ ├── destroy@1.0.4
├─┬ cookie-session@1.3.3
│ ├─┬ cookies@0.7.3
│ │ ├── depd@1.1.2
├─┬ multiparty@4.2.1
│ ├─┬ fd-slicer@1.1.0
│ │ └── pend@1.2.0
│ ├─┬ http-errors@1.7.3
│ │ ├── depd@1.1.2
├─┬ send@0.17.1
│ ├── depd@1.1.2
│ ├── destroy@1.0.4
| @@ -52,7 +52,7 @@ | |||
| "safe-buffer": "5.1.2", | |||
| "send": "0.17.1", | |||
| "serve-static": "1.14.1", | |||
| "setprototypeof": "1.1.1", | |||
| "setprototypeof": "1.2.0", | |||
UlisesGascon
Feb 5, 2020
Author
Member
Yes! Seems duplicated. Do you want me to revert it?
Yes! Seems duplicated. Do you want me to revert it?
dougwilson
Feb 5, 2020
Member
We may want to so as I begin landing these once the plan is determined it doesn't delay with merge conflicts.
We may want to so as I begin landing these once the plan is determined it doesn't delay with merge conflicts.
This comment has been minimized.
This comment has been minimized.
|
Please edit the commit message to remove the at mention for me. Unfortunately from past experience if this gets merged it will end up pinging me a lot as people fork express... :( |
|
If you agree I will close the PR as |
|
Sure, though I didn't see a reason for the |
|
I have been working to snake the |
|
Ok, just as an update I am on the last major module that needs the update: http-errors. It will bump the major of that module, but I made sure that it would not affect the major version of anything within express depending on it so it will actually work out |
Main Changes
cookie-signature@1.1.0setprototypeof@1.2.0depd@2.0.0History.mdas unreleasedContext
Changelog