twilio-node icon indicating copy to clipboard operation
twilio-node copied to clipboard

Published 20 hours ago verified publisher icon twilio

Reconsider use of library q v2

Open eemt opened this issue 3 years ago • 4 comments

Issue Summary

FYI -- In your package.json dependencies, you are using "q": "2.0.x",

You may want to check if that's really needed and consider downgrading to v1. Per the author of q, v2 is experimental and "development on v2 is dead." https://github.com/kriskowal/q/tree/v2 https://github.com/kriskowal/q/issues/852

Steps to Reproduce

n/a

Code Snippet

Exception/Log

Technical details:

  • twilio-node version: Since at least 3.46 to current
  • node version: n/a

eemt avatar Apr 02 '21 16:04 eemt

Or, you know - use native promises instead. They are available, fast and easy to debug in every version of Node.js you support and are superior to Q in every way other than the helper functions (which you don't use).

  • Q.denodify -> util.promisify
  • callback APIs and Q.deferred -> promisified APIs you can use directly.

And so on.

benjamingr avatar Apr 02 '21 19:04 benjamingr

@eemt and @benjamingr Thank you for the suggestion. We will take a look at it.

This issue has been added to our internal backlog to be prioritized. Pull requests and +1s on the issue summary will help it move up the backlog.

shwetha-manvinkurke avatar Apr 14 '21 23:04 shwetha-manvinkurke

Related to PR#450

bobtfish avatar Dec 03 '21 12:12 bobtfish

Seems like Q is causing prototype pollution on Promise and causing memory leaks in Jest for us. Any module that imports twilio and other modules which use Promise hang around in memory.

ParallelUniv3rse avatar Jul 13 '22 10:07 ParallelUniv3rse

Closing as fixed (lastly) by https://github.com/twilio/twilio-node/pull/826

This will be included in the first release candidate for twilio-node@v4 dropping in a week.

childish-sambino avatar Nov 23 '22 21:11 childish-sambino