Update dependency debug to v4 #25
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "renovate/debug-4.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
2.6.9->4.3.3Release Notes
visionmedia/debug
v4.3.3Compare Source
Patch Release 4.3.3
This is a documentation-only release. Further, the repository was transferred. Please see notes below.
Thank you to @taylor1791 and @kristofkalocsai for their contributions.
Repository Migration Information
I've formatted this as a FAQ, please feel free to open an issue for any additional question and I'll add the response here.
Q: What impact will this have on me?
In most cases, you shouldn't notice any change.
The only exception I can think of is if you pull code directly from https://github.com/visionmedia/debug, e.g. via a
"debug": "visionmedia/debug"-type version entry in your package.json - in which case, you should still be fine due to the automatic redirection Github sets up, but you should also update any references as soon as possible.Q: What are the security implications of this change?
If you pull code directly from the old URL, you should update the URL to https://github.com/debug-js/debug as soon as possible. The old organization has many approved owners and thus a new repository could (in theory) be created at the old URL, circumventing Github's automatic redirect that is in place now and serving malicious code. I (@qix-) also wouldn't have access to that repository, so while I don't think it would happen, it's still something to consider.
Even in such a case, however, the officially released package on npm (
debug) would not be affected. That package is still very much under control (even more than it used to be).Q: What should I do if I encounter an issue related to the migration?
Search the issues first to see if someone has already reported it, and then open a new issue if someone has not.
Q: Why was this done as a 'patch' release? Isn't this breaking?
No, it shouldn't be breaking. The package on npm shouldn't be affected (aside from this patch release) and any references to the old repository should automatically redirect.
Thus, according to all of the "APIs" (loosely put) involved, nothing should have broken.
I understand there are a lot of edge cases so please open issues as needed so I can assist in any way necessary.
Q: Why was the repository transferred?
I'll just list them off in no particular order.
debugecosystem intends to grow beyond a single package, and since new packages could not be created in the old org (nor did it make sense for them to live there), a new org made the most sense - especially from a security point of view.Q: Was this approved?
Yes.[archive]
Q: Do I need to worry about another migration sometime in the future?
No.
v4.3.2Compare Source
Patch release 4.3.2
.enabledchecks (#799)Thank you @omg!
v4.3.1Compare Source
Patch release 4.3.1
v4.3.0Compare Source
Minor release
debugInstance.destroy(). Future major versions will not have this method; please remove it from your codebases as it currently does nothing.v4.2.0Compare Source
Minor Release
console.debugin the browser only when it is available (#600)"engines"key to package.jsonselectColor(#747)supports-coloras an optional peer dependencyv4.1.1Compare Source
This backport fixes a bug in coveralls configuration as well as the
.extend()function.Patches
d0e498f)57ef085)v4.1.0Compare Source
Minor Changes
4236585)7ef8b41)Massive thank you to @mblarsen and @outsideris for knocking out two long-awaited changes.
v4.0.1Compare Source
This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.
Patches
99c95e3v4.0.0Compare Source
A long-awaited release to
debugis available now:4.0.0.Due to the delay in release and the number of changes made (including bumping dependencies in order to mitigate vulnerabilities), it is highly recommended maintainers update to the latest package version and test thoroughly.
This release drops support for Node 4 and 5 in alignment with the Node.js LTS Release Schedule.
Major Changes
ba8a42405b0cebMinor Changes
853853f207a6a2e43e5fe02b9ea9Patches
3ca23319f4f8f5623c08e57cde5662822f1833b6f82d2509e7e1d5d91ad1e4achrome.storage(or make the storage backend pluggable):71d2aa7225c66f22f9932a5ca7a2supports-color@5:285dfe1enable()(#517):ab5083f7116906da51af8b3f8f8eCredits
Huge thanks to @DanielRuf, @EirikBirkeland, @KyleStay, @Qix-, @abenhamdine, @alexey-pelykh, @DiegoRBaquero, @febbraro, @kwolfy, and @TooTallNate for their help!
v3.2.7Compare Source
v3.2.6Compare Source
This backport fixes a 4x performance regression when debug is disabled.
Patches
f312a89) (#625)v3.2.5Compare Source
This patch restores browserify functionality as well as keeping the intended functionality with Unpkg.com.
It is a backport of the
4.0.1release.Patches
cc5f146v3.2.4Compare Source
This released fixed the missing
filesentry inpackage.json, mitigating the faulty3.2.3release.v3.2.3Compare Source
This release mitigated the breaking changes introduced in
3.2.0where./node.jswas removed, breaking a very select few users on older releases ofbabel-core, as well as users that used an undocumentedrequire('debug/node')../node.jswas temporarily added to the repository at this time; however, this release failed to includenode.jsin thefileskey inpackage.jsonand thus didn't fix the issue.3.2.4rectified this issue.v3.2.2Compare Source
This release mitigated the breaking changes introduced in
3.2.0where ES6 features were being used on users of Node 4, causing crashes upon inclusion.It employed a temporary Babel pass on the entire codebase in lieu of a hard reversion (so this version is, effectively, a backport of the fixes and features ultimately introduced in
4.0.0).v3.2.1Compare Source
This release, along with
3.2.0, were subsequently released together as4.0.0(a major bump). You can review the complete changes in that release's details.A quick hotfix to address Browser builds -
debugis now compiled down to IE8-compatible code via Babel upon release.CDNs that honor the
"browser":key inpackage.jsonshould now reflect these changes (previously, they would serve the non-bundled ES6 version).Patches
b3f8f8ev3.2.0Compare Source
This release was intended to be the next release of Debug but introduced breaking changes that were overlooked at the time of release. As such it has been deprecated on npm and should not be used.
This release, along with
3.2.1, were subsequently released together as4.0.0(a major bump). You can review the included changes in that release's details.v3.1.0Compare Source
Minor Changes
e7e568acomponent.json:47747f3bdb7e01DEBUG_HIDE_DATEenv var: #486Patches
daf1a7c7cd9e53fdfa0f5%oformatter: #504Credits
Huge thanks to @amejiarosario and @zhuangya for their help!
v3.0.1Compare Source
v3.0.0Compare Source
Featuring pretty new colors!
DEBUG_FD: #406Date#toISOString()instead toDate#toUTCString()when output is not a TTY: #418enabled()updates existing debug instances: #440Minor Changes
destroy()function: #440enabledflag: #465826fd9487880f631f334325eb5458b5c438f178d86Patches
d2dd80aCredits
Huge thanks to @gtjoseph, @timruffles and @FantasticFiasco for their help!
Configuration
📅 Schedule: At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.
31079493a4to0aa9bbb10d