Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump node-fetch from 2.6.9 to 3.3.2 #2146

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump node-fetch from 2.6.9 to 3.3.2 #2146

wants to merge 1 commit into from
+115 −123

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 9, 2025

Bumps node-fetch from 2.6.9 to 3.3.2.

Release notes

Sourced from node-fetch's releases.

v3.3.2

3.3.2 (2023-07-25)

Bug Fixes

v3.3.1

3.3.1 (2023-03-11)

Bug Fixes

  • release "Allow URL class object as an argument for fetch()" #1696 (#1716) (7b86e94)

v3.3.0

3.3.0 (2022-11-10)

Features

v3.2.10

3.2.10 (2022-07-31)

Bug Fixes

v3.2.9

3.2.9 (2022-07-18)

Bug Fixes

  • Headers: don't forward secure headers on protocol change (#1599) (e87b093)

v3.2.8

3.2.8 (2022-07-12)

Bug Fixes

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump node-fetch from 2.6.9 to 3.3.2
b0b7b90 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.9 to 3.3.2.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](node-fetch/node-fetch@v2.6.9...v3.3.2)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 9, 2025
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign davidgamero for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jan 9, 2025
@mstruebing
Copy link
Member

This will require some rework, it's a major bump of node-fetch.

@brendandburns
Copy link
Contributor

Presumably we need to do this in the upstream code generator anyway.

@cjihrig
Copy link
Contributor

cjihrig commented Jan 9, 2025
edited
Loading

Here is the node-fetch v3 upgrade guide: https://github.com/node-fetch/node-fetch/blob/main/docs/v3-UPGRADE-GUIDE.md

There are some things that are relevant to us:

  • The response.body is now nullable. That is causing most of the TypeScript errors here. I think we are safe to use response.body! in the few problematic places here though.
  • Response.statusText no longer sets a default message derived from the HTTP status code. For us, this impacts the should handle error from request stream test because the 'Internal Server Error' message is no longer present.
  • The timeout option was removed. This one might be trickier for us. We already have Reintroduce timeout and keep-alive for watch requests to match client-go #2131 in progress to restore keep-alive behavior, but that PR also sets requestInit.timeout, which I believe will not be valid.

Here are the current test failures with this PR and the TypeScript problems fixed:

  1) KubeConfig
       applytoFetchOptions
         should apply cert configs:
     /Users/cjihrig/programming/javascript/src/config_test.ts:272
            expect(requestInit.timeout).to.equal(5);
                                           ^

AssertionError: expected undefined to equal 5
      at Context.<anonymous> (src/config_test.ts:272:44)

  2) Watch
       should handle error from request stream:

      /Users/cjihrig/programming/javascript/src/watch_test.ts:70
        expect(doneErr.toString()).to.equal('Error: Internal Server Error');
                                      ^

AssertionError: expected 'Error' to equal 'Error: Internal Server Error'
      + expected - actual

      -Error
      +Error: Internal Server Error
      
      at Context.<anonymous> (src/watch_test.ts:70:39)
      at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

  3) Watch
       should not call watch done callback more than once:
     Error: Timeout of 2000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/Users/cjihrig/programming/javascript/src/watch_test.ts)
      at listOnTimeout (node:internal/timers:564:17)
      at process.processTimers (node:internal/timers:507:7)

  4) Watch
       should handle server errors correctly:
     Error: Timeout of 2000ms exceeded. For async tests and hooks, ensure "done()" is called; if returning a Promise, ensure it resolves. (/Users/cjihrig/programming/javascript/src/watch_test.ts)
      at listOnTimeout (node:internal/timers:564:17)
      at process.processTimers (node:internal/timers:507:7)

EDIT: The last two failures appear to be related to node-fetch v3 (unsure if it is a bug or intentional due to a spec change). Note the difference in this handler between v2 and v3. In those failing tests, the request is intentionally aborted, which triggers that 'error' handler. In v2, that would destroy the body stream. Without that happening, there doesn't appear to be a way for us to trigger the doneCallOnce function in watch.ts.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidgamero davidgamero Awaiting requested review from davidgamero

@mstruebing mstruebing Awaiting requested review from mstruebing

Assignees
No one assigned
Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@k8s-ci-robot @mstruebing @brendandburns @cjihrig