whitlockjc / path-loader Goto Github PK
View Code? Open in Web Editor NEWUtility that provides a single API for loading the content of a path/URL.
License: MIT License
Utility that provides a single API for loading the content of a path/URL.
License: MIT License
Originally reported here: apigee-127/sway#24
Your patch version update is actually a major version upgrade since you have bumped superagent dependency from 3.8.3 to 7.1.6.
And superagent has this upgrade on its dependency:
formidable@1.2.6 -> formidable@2.0.1
Which now on my version of node hits the following error:
formidable/src/index.js:27
...parsers,
^^^
SyntaxError: Unexpected token ...
At https://github.com/whitlockjc/path-loader/blob/master/test/test-loaders-browser.js#L121 , I see "should support non-JSON with options.processContent" as a condition, though the file indicated is actually JSON and there is no inclusion of options.processContent
. Similarly at https://github.com/whitlockjc/path-loader/blob/master/test/test-loaders-node.js#L164 (and https://github.com/whitlockjc/path-loader/blob/master/test/test-loaders-node.js#L100 there is a non-JSON file but it also has no options.processContent
).
API documentation for load method lists location parameter to be of type module:path-loader~LoadOptions instead of string and does not specify options as a parameter at all.
There is an advisory for the npm package qs that can be solved by upgrading your dependency of superagent to the latest version (currently at v3.5.2), or at the very least v2.0.0
Some additional info from snyk and the qs github issue.
Should be a simple bump as there haven't been too many changes from 5 to 6 that would break.
Path loader is a dependent or transitive dependent of several swagger related packages.
Karma has support to serve static files and that would be much simpler to use than spinning up a server in the Gulp file.
It would be slick to allow for the consumer to add/replace loaders.
As of right now, NSP has an exception for https://nodesecurity.io/advisories/479 and it should be removed once ladjs/superagent#1259 is fixed.
This repository is a nested dependency of my project. The latest version (1.0.11) added the node v14 engine as mandatory (it wasn't even defined before). My project uses node v12 and the pipeline broke due to this change. Any engine update should be done on a major, so everyone that directly depends on it could test it. Please, deprecate the latest tag and release it as a major (if node engine 14 is really necessary).
Line 70 in fb7cb74
From this code:
path-loader/lib/loaders/http.js
Lines 53 to 56 in 937d5da
...there actually still is always a warning in the browser because:
...contains a stub for this method.
I think the warning could be avoided by checking for window
and self
(as superagent does in the beginning of that same file:
...and if neither is present, only then do the check to run the buffer
method...
Bower is no longer maintained and should be migrated away from.
Superagent has a bug that breaks it in web workers: ladjs/superagent#673
path-loader uses superagent to load http, which makes path-loader subject to any security advisory that might be issued against superagent. there are 2 that can be resolved by updating to the latest version of superagent:
It looks like nsp
was shut down so we should migrate to snyk
.
It would be nice to have a clearable cache so that multiple loads of the same path do not duplicate efforts. Might even make sense to allow for disabling cache via an option.
Would you be able to deploy the changes that have been made to the npm registry? The version that exists in the npm registry is missing any updates from the last 2 years that have been made, including security vulnerabilities (such as the older version of jQuery).
You'll likely need to bump your package version for it to be deployed.
This package depends on superagent 7.1.6. This is giving a deprecation warning.
npm WARN deprecated [email protected]: Please downgrade to v7.1.5 if you need IE/ActiveXObject support OR upgrade to v8.0.0 as we no longer support IE and published an incorrect patch version (see ladjs/superagent#1731)
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.