Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump slug from 9.1.0 to 10.0.0 #4231

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump slug from 9.1.0 to 10.0.0 #4231

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 21, 2024
edited
Loading

Bumps slug from 9.1.0 to 10.0.0.

Changelog

Sourced from slug's changelog.

10.0.0 (2024-10-17)

BREAKING CHANGES

  • This module only supports ESM. CommonJS and non-ESM script tags are no longer supported.

  • chore: add web-test-runner

  • chore: add coverage reporting for CLI tests

  • chore: fail CLI tests if coverage is not 100%

Commits
  • e0df06a chore(release): 10.0.0 [skip ci]
  • a8db3ed ESM only + move to webtestrunnner (#467)
  • cf5321d chore: add Node.js 23 to test matrix (#469)
  • 0d8bbff chore(deps): bump cookie and engine.io (#468)
  • 3703bc1 chore: update package-lock.json (#466)
  • b740c0d chore(deps-dev): bump semantic-release from 24.1.1 to 24.1.2 (#465)
  • e2a3b12 chore(deps-dev): bump nyc from 17.0.0 to 17.1.0 (#464)
  • 23bab8e chore(deps): bump body-parser from 1.20.2 to 1.20.3 (#463)
  • 6630102 chore(deps-dev): bump standard from 17.1.0 to 17.1.2 (#462)
  • 82a0c65 chore(deps-dev): bump semantic-release from 24.1.0 to 24.1.1 (#461)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Oct 21, 2024
@dependabot dependabot bot requested a review from a team October 21, 2024 09:58
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch 3 times, most recently from 32a6b6a to ec42998 Compare October 21, 2024 15:00
@owenatgov
Copy link
Contributor

This problem is fairly obvious: we can't use require anymore if we want to continue using slug. We use require in all our tooling code and only use slug in one place: the slugify function in filters.js. It might be easier to look for an alternative to slug or write something ourself.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch 2 times, most recently from 5227892 to 3335937 Compare October 21, 2024 15:12
@romaricpascal
Copy link
Member

Replacing slug by another function would be something we'd need to do cautiously as not all functions creating slugs behave the same (mostly along treatments of 'special' characters like apostrophes, parenthesis...).

I don't think there's a massive urgency to update here, and as more and more libraries switch to ESM only, we may need to consider switching to ESM altogether ourselves as well 🤔

@romaricpascal
Copy link
Member

We could also:

  • explore whether we can convert filter.js into filter.mjs that'd allow using import. This may require (🥁 🐍 ) other files to be turned into .mjs file as well.
  • explore if we can use import() (which is available in CommonJS files) to asynchronously import slug
  • see if Node 22 makes things better once it become LTS (end of the month) as it seems you can require ES Modules

@romaricpascal
Copy link
Member

Testing locally, it seems upgrading to Node 22, which is finally LTS, makes the tests run smoothly as it allows requireing ES modules. I'll raise a separate PR for this and once it's merged, we can rebase and merge this one 😊

@romaricpascal
Copy link
Member

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch 2 times, most recently from 2d642a1 to c0e9b1f Compare October 31, 2024 10:12
@romaricpascal
Copy link
Member

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch 2 times, most recently from 712417b to 19d97ae Compare November 1, 2024 09:48
@romaricpascal
Copy link
Member

Testing locally, it seems upgrading to Node 22, which is finally LTS, makes the tests run smoothly as it allows requireing ES modules. I'll raise a separate PR for this and once it's merged, we can rebase and merge this one 😊

That feature is actually behind a flag so I'm not quite sure what made it work, maybe I forgot to npm i after pulling and was still running against slug 9.x 🤔

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch 4 times, most recently from 0c65a0e to 5dad51b Compare November 13, 2024 16:34
@dependabot
Bump slug from 9.1.0 to 10.0.0
cb1c636 
Bumps [slug](https://github.com/Trott/slug) from 9.1.0 to 10.0.0.
- [Changelog](https://github.com/Trott/slug/blob/main/CHANGELOG.md)
- [Commits](Trott/slug@v9.1.0...v10.0.0)

---
updated-dependencies:
- dependency-name: slug
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/slug-10.0.0 branch from 5dad51b to cb1c636 Compare November 18, 2024 13:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@owenatgov @romaricpascal