pokeapi-js-wrapper icon indicating copy to clipboard operation
pokeapi-js-wrapper copied to clipboard
verified publisher icon PokeAPI

Upgrade all dependencies

Open lbineau opened this issue 1 year ago • 1 comments

There are a lot of security issues raised by this package so I've upgraded all dependencies. Only chai packages couldn't be upgraded to the latest major version because it is using ESM. I only sticked with the latest minor version. I've npm run test and npm run build and everything seems to work.

lbineau avatar Aug 29 '24 09:08 lbineau

Hi, could you also bump the patch version of the package?

Naramsim avatar Aug 31 '24 02:08 Naramsim

Thanks!

Naramsim avatar Sep 04 '24 11:09 Naramsim

Hi! A user seems to have a problem with this version 1.2.5, @isackender. Coul it be possible that the package is broken?

Preventively I unpublished the 1.2.5 from NPM. Still the lib can be found in this GH repo under the dist folder.

Naramsim avatar Sep 06 '24 08:09 Naramsim

Hi, yes, as @Naramsim pointed out, my project broke two days ago. My code is:

<script src="https://unpkg.com/[email protected]/dist/index.js"></script>

<!-- Service worker -->
<script src="pokeapi-js-wrapper-sw.js"></script>

<!-- Initialize js wrapper -->
<script>
    const customOptions = {
        protocol: "https",
        versionPath: "/api/v2/",
        cache: true,
        timeout: 5 * 1000, // 5s
        cacheImages: true
    };
    const P = new Pokedex.Pokedex(customOptions);
</script>

<!-- Project code -->
<script src="/scripts/main.js"></script>

Which gives me this error (using Firefox):

Uncaught ReferenceError: require is not defined
    23          https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    801         https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    737         https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
index.js:2:61271

When I switch to a previous version it works again perfectly (1.2.3 or 1.2.4 work fine).

<script src="https://unpkg.com/[email protected]/dist/index.js"></script>

isackender avatar Sep 06 '24 09:09 isackender

Hi, yes, as @Naramsim pointed out, my project broke two days ago. My code is:

<script src="https://unpkg.com/[email protected]/dist/index.js"></script>

<!-- Service worker -->
<script src="pokeapi-js-wrapper-sw.js"></script>

<!-- Initialize js wrapper -->
<script>
    const customOptions = {
        protocol: "https",
        versionPath: "/api/v2/",
        cache: true,
        timeout: 5 * 1000, // 5s
        cacheImages: true
    };
    const P = new Pokedex.Pokedex(customOptions);
</script>

<!-- Project code -->
<script src="/scripts/script.js"></script>

Which gives me this error (using Firefox):

Uncaught ReferenceError: require is not defined
    23          https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    801         https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    737         https://unpkg.com/[email protected]/dist/index.js:2
    n           https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
    <anonymous> https://unpkg.com/[email protected]/dist/index.js:2
index.js:2:61271

When I switch to a previous version it works again perfectly (1.2.3 or 1.2.4 work fine).

<script src="https://unpkg.com/[email protected]/dist/index.js"></script>

I've seen something like this when I was using a React package. Uninstalling or downgrading the broken dependency in this package should fix it.

climaxmba avatar Sep 06 '24 09:09 climaxmba

I remember I had issues upgrading axios, because maybe it became a pure ESM package. Maybe that's the issue

Naramsim avatar Sep 06 '24 10:09 Naramsim

@Naramsim @climaxmba @isackender, After spending hours trying to understand why it outputs require in the UMD module and trying various config, I think I understood the issue.

  • webpack 5 removed the automatic polyfill for node https://webpack.js.org/blog/2020-10-10-webpack-5-release/#automatic-nodejs-polyfills-removed
  • webpack.config.js is using target: 'node'

Removing target: 'node' or switching it to target: 'web' properly remove any node related code (require()) and make it work properly.

Is this package supposed to be used in Node/browser/both? I'll be happy to create PR if it is supposed to work with browsers only.

Error target: 'node' node target showing a console error: require is undefined

Success target: 'web' web target showing a console.log success

lbineau avatar Sep 09 '24 16:09 lbineau

Sure @lbineau, this package is meant for the browser only. There is a different package that's meant for Node.

climaxmba avatar Sep 09 '24 16:09 climaxmba

Here you go https://github.com/PokeAPI/pokeapi-js-wrapper/pull/61

lbineau avatar Sep 09 '24 18:09 lbineau