-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: update undici to 5.26.4 #50274
Conversation
deps/undici/src/package-lock.json
Outdated
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This package-lock.json is not part of the source code and was generated during the build in nodejs/node GitHub Actions, should it be part of deps/undici and commited to nodejs/node?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
package-lock is hardly useful (for undici and this library). We can update the script and remove the package-lock file if you prefer.
I think landing this asap would be better tho.
], | ||
"scripts": { | ||
"build:node": "node scripts/esbuild-build.mjs", | ||
"build:node": "npx esbuild@0.19.4 index-fetch.js --bundle --platform=node --outfile=undici-fetch.js --define:esbuildDetection=1 --keep-names", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How is this build dependency, fixed to be esbuild@0.19.4, version-automated to be maintained up to date?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was done like that in undici, and we switched to a build script in a hurry for the security release. https://github.com/nodejs/undici/blob/4006aaf43ac8b30e16d6d3b89fa2e0df4b7eef33/package.json#L73.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@panva undici always pinned esbuild's version here. I updated it from some version of 0.14. Realistically we would want to get rid of esbuild entirely, as it's caused nothing but issues (hinting at my next pr probably).
I kindly ask to fast-track this to be able to fix v18.x v20.x and v21.x asap: |
Fast-track has been requested by @mcollina. Please 👍 to approve. |
Commit Queue failed- Loading data for nodejs/node/pull/50274 ✔ Done loading data for nodejs/node/pull/50274 ----------------------------------- PR info ------------------------------------ Title deps: update undici to 5.26.4 (#50274) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch nodejs-github-bot:actions/tools-update-undici -> nodejs:main Labels lib / src, fast-track, needs-ci, dependencies, lts-watch-v18.x, lts-watch-v20.x Commits 2 - deps: update undici to 5.26.4 - deps: update undici to 5.26.4 Committers 1 - Node.js GitHub Bot PR-URL: https://github.com/nodejs/node/pull/50274 Reviewed-By: Tobias Nießen Reviewed-By: Richard Lau ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/50274 Reviewed-By: Tobias Nießen Reviewed-By: Richard Lau -------------------------------------------------------------------------------- ⚠ Commits were pushed since the last approving review: ⚠ - deps: update undici to 5.26.4 ℹ This PR was created on Thu, 19 Oct 2023 09:23:04 GMT ✔ Approvals: 2 ✔ - Tobias Nießen (@tniessen) (TSC): https://github.com/nodejs/node/pull/50274#pullrequestreview-1687504480 ✔ - Richard Lau (@richardlau) (TSC): https://github.com/nodejs/node/pull/50274#pullrequestreview-1687505651 ℹ This PR is being fast-tracked ✔ Last GitHub CI successful ℹ Last Full PR CI on 2023-10-20T08:28:39Z: https://ci.nodejs.org/job/node-test-pull-request/55037/ ⚠ Commits were pushed after the last Full PR CI run: ⚠ - deps: update undici to 5.26.4 - Querying data for job/node-test-pull-request/55037/ ✔ Last Jenkins CI successful -------------------------------------------------------------------------------- ✔ Aborted `git node land` session in /home/runner/work/node/node/.ncuhttps://github.com/nodejs/node/actions/runs/6602832895 |
Commit Queue failed- Loading data for nodejs/node/pull/50274 ✔ Done loading data for nodejs/node/pull/50274 ----------------------------------- PR info ------------------------------------ Title deps: update undici to 5.26.4 (#50274) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch nodejs-github-bot:actions/tools-update-undici -> nodejs:main Labels lib / src, fast-track, needs-ci, dependencies, lts-watch-v18.x, lts-watch-v20.x Commits 2 - deps: update undici to 5.26.4 - deps: update undici to 5.26.4 Committers 1 - Node.js GitHub Bot PR-URL: https://github.com/nodejs/node/pull/50274 Reviewed-By: Tobias Nießen Reviewed-By: Richard Lau Reviewed-By: Matteo Collina ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/50274 Reviewed-By: Tobias Nießen Reviewed-By: Richard Lau Reviewed-By: Matteo Collina -------------------------------------------------------------------------------- ℹ This PR was created on Thu, 19 Oct 2023 09:23:04 GMT ✔ Approvals: 3 ✔ - Tobias Nießen (@tniessen) (TSC): https://github.com/nodejs/node/pull/50274#pullrequestreview-1687504480 ✔ - Richard Lau (@richardlau) (TSC): https://github.com/nodejs/node/pull/50274#pullrequestreview-1687505651 ✔ - Matteo Collina (@mcollina) (TSC): https://github.com/nodejs/node/pull/50274#pullrequestreview-1691423089 ℹ This PR is being fast-tracked ✔ Last GitHub CI successful ℹ Last Full PR CI on 2023-10-22T09:04:44Z: https://ci.nodejs.org/job/node-test-pull-request/55037/ - Querying data for job/node-test-pull-request/55037/ ✔ Last Jenkins CI successful -------------------------------------------------------------------------------- ✔ No git cherry-pick in progress ✔ No git am in progress ✔ No git rebase in progress -------------------------------------------------------------------------------- - Bringing origin/main up to date... From https://github.com/nodejs/node * branch main -> FETCH_HEAD ✔ origin/main is now up-to-date - Downloading patch for 50274 From https://github.com/nodejs/node * branch refs/pull/50274/merge -> FETCH_HEAD ✔ Fetched commits as 7dc74a045118..e56f840313f4 -------------------------------------------------------------------------------- Auto-merging doc/contributing/maintaining/maintaining-dependencies.md [main 1445ed7391] deps: update undici to 5.26.4 Date: Thu Oct 19 09:23:01 2023 +0000 10 files changed, 15449 insertions(+), 116 deletions(-) create mode 100644 deps/undici/src/package-lock.json delete mode 100644 deps/undici/src/scripts/esbuild-build.mjs [main d4b24a0cd6] deps: update undici to 5.26.4 Date: Sun Oct 22 00:28:59 2023 +0000 1 file changed, 108 insertions(+), 73 deletions(-) ✔ Patches applied There are 2 commits in the PR. Attempting autorebase. Rebasing (2/4)https://github.com/nodejs/node/actions/runs/6603683952 |
Landed in 76f59b4 |
PR-URL: #50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
@nodejs/releasers we need a quick backport to v18.x and v20.x for this one to fix a problematic regression. |
PR-URL: #50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
I just cherry-picked it to v18.x-staging. |
PR-URL: #50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
76f59b4 has also been cherry-picked onto v20.x-staging. |
PR-URL: nodejs#50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: nodejs/node#50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: nodejs/node#50274 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This is an automated update of undici to 5.26.4.