Update ajv, deep-equal, json-pointer, commander and other dependencies #565
Conversation
kuba-kubula
added
dependencies
security
kuba-kubula
changed the title
package.json
Outdated
| "media-typer": "1.1.0", | ||
| "tv4": "1.3.0", | ||
| "url": "0.11.0" | ||
| "url-parse": "1.5.1" |
There was a problem hiding this comment.
It'd be great if you could have a look at #536. Technically url is just a dev-dependency right now.
There was a problem hiding this comment.
Based on the code of validate.js - there's still the validateURI function using deep-clone to do comparison of a query-string regardless of ordering of key=value pairs.
There was a problem hiding this comment.
building CommonJS sure - I might look into it.
You're right that url could be a devDependency, as NodeJs has its version as part of core.
Have to 🤔 about it a bit more.
There was a problem hiding this comment.
@realityking I'm more or less thinking about actually reusing uri-js instead of any url-parse/url/native-url or what-not (that package is anyway used by ajv, so it is present at all cost)
There was a problem hiding this comment.
Not a bad idea. Another idea could be to move to the native URL API (https://nodejs.org/api/url.html#url_the_whatwg_url_api) and either polyfill for older browsers or ask users to polyfill themselves.
- function to convert legacy Amanda/TV4 error messages to Gavel-compliant structure - function to convert TV4 to headers error message - function to warn on using deprecated functionality
|
🎉 This PR is included in version 10.0.2 🎉 The release is available on: Your semantic-release bot 📦🚀 |
closes #252
closes #481
closes #520
closes #535
closes #539
closes #540
closes #547
closes #558
closes #562
closes #564