Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use punycode userland module #95

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

domdomegg
Copy link

@domdomegg domdomegg commented Dec 6, 2023

This fixes deprecation warnings about using the punycode node module.

That's because require("punycode") in node is getting the deprecated in-built node module, rather than the NPM package. Adding a trailing slash (as suggested in punycode's README) fixes this.

Fixes #94

Related:

@leanderlee
Copy link

Hi there, just bumping this as it's causing the deprecation warning to show up in popular upstream packages (like eslint)

@matschik
Copy link

Unfortunately last commit is 2 years ago...

@domdomegg
Copy link
Author

Should probably tag @garycourt in case necessary for his GitHub notification settings

@andylamp
Copy link

andylamp commented Feb 2, 2024

@aramshiva you do not know the circumstances he's currently in - he has not committed in a long time... Maybe he's away or stopped interacting with the website. Do not burden him with something he has not agreed to do. As you say, it is open source - one can fork it, fix it, and also publish it.

I agree that this needs to be resolved, but please be understanding.

@kibertoad
Copy link

I've published a fork that addresses this issue: https://www.npmjs.com/package/toad-uri-js

Would appreciate if you give it a try!

@milahu
Copy link

milahu commented Feb 15, 2024

I've published a fork that addresses this issue: https://www.npmjs.com/package/toad-uri-js

why did you not fork garycourt/uri-js to kibertoad/toad-uri-js

@kibertoad
Copy link

@milahu I've done forking of other libraries in the past, it gives a very bad developer experience, as then all PRs default to targetting parent repositories, ending up in creating accidental PRs

@milahu
Copy link

milahu commented Feb 15, 2024

aah. still, you should preserve the original git history = 89 commits until a1acf73

@kibertoad
Copy link

@milahu PR restoring git history would be welcome.

@milahu
Copy link

milahu commented Feb 15, 2024

please help yourself

fix-git-fork-history.sh
#!/usr/bin/env bash

set -e
set -x

git clone https://github.com/garycourt/uri-js
mv uri-js toad-uri-js
cd toad-uri-js
git branch -M master main || true
git remote add fork https://github.com/kibertoad/toad-uri-js
git fetch fork main
git worktree add fork-main fork/main

# this is the first commit in the fork
# git log --format=fuller
cat >/dev/null <<'EOF'
commit ab2a6cab3b60120db334118640f0417d0c7a7f52
Author:     Igor Savin <[email protected]>
AuthorDate: Fri Feb 9 20:40:20 2024 +0200
Commit:     GitHub <[email protected]>
CommitDate: Fri Feb 9 20:40:20 2024 +0200

    Migrate to vitest (#1)
EOF

git rm -rf dist/
GIT_AUTHOR_DATE="Fri Feb 9 20:20:00 2024 +0200" \
git commit -m "rm dist/"

git -C fork-main checkout fork/main~12
cp fork-main/.gitignore .gitignore
git add .gitignore
GIT_AUTHOR_DATE="Fri Feb 9 20:30:00 2024 +0200" \
git commit -m "up .gitignore"

# now there should be no difference
# -> ready for cherry-pick
git_diff=$(git diff main~0 fork/main~12)
if [[ "$git_diff" != "" ]]; then
  echo "error: diff is not empty:"
  echo "$git_diff"
  exit 1
fi

git cherry-pick  fork/main~12..fork/main

# use author date as committer date
# github shows only the committer date
git rebase a1acf730b4bba3f1097c9f52e7d9d3aba8cdcaae --committer-date-is-author-date

# undo the cherry-pick
#git reset --hard main~12

git tag 5.0.0 main~4

git tag 5.0.1 main~0

echo "done. verify:"
echo "git -C toad-uri-js/ log --format=fuller"

@iwasrobbed
Copy link

As this repo is not maintained, you can also nvm install 20 && nvm use 20 to go back to Node v20.11.1 and silence it for now until ajv/eslint/etc update their dependencies

@andylamp
Copy link

andylamp commented Apr 4, 2024

@ttodua, I wholeheartedly disagree. It is our fault for depending on a library with questionable support and when we accepted the license to use it - it says explicitly that, that it is provided "AS-IS".

Now, the fallacy with OSS entitlement has caused a lot of issues in the past but any author of such package, unless contractually obliged, does not owe us a damn thing. We use the code provided "AS-IS" and with us burdening the associated risks, which include what you are describing.

@ttodua
Copy link

ttodua commented Apr 4, 2024

does not owe us a damn thing

I am not sure you read my comment well, because i explicitly said that "I don't say he owes something, but", then followed what I said. There is a big gap between concept of "owe" and professional attitude. Hope you now understand. anyway, i've deleted that comment, in order to avoid such no-make-sense continuations

@milahu
Copy link

milahu commented Apr 4, 2024

i've deleted that comment, in order to avoid such no-make-sense continuations

deleting comments is also no "professional attitude"

deleted comment by ttodua from 55 minutes ago

I an not pointing to author (because i don't know his circumtances), but generally speaking, when having a lib published and knowing hundreds of users are dependent on it and you watch how users have been asking for simple help for years - it's not a professional attitude toward your users base. when abandoning project, you'd better declare repo as "archived", so public would have a signal for moving out of it.

to continue the off topic chat:

professional attitude

false hopes are a safe recipe for frustration
im pretty sure the license does not promise "professional attitude"

hundreds of users are dependent on it

these people need some detox cure
someone should tell them about forks and patches

@ttodua
Copy link

ttodua commented Apr 5, 2024

@milahu I think it's better to be a bit calmer. I've replied my to a user on a point that authors 'do not owe' a damn thing, while not personally attacking him, just mentioning my alternative thought. and that user, absolutely in a well manner replied back (thanks @andylamp ). but you started personal (and a bit angry) addressing, making statements like:

deleting comments is also no "professional attitude"

idk where did you hear such a wise lesson. please share to me too. or:

false hopes are a safe recipe for frustration

I don't think you are such an oracle to see who has what hope

these people need some detox cure

and again, stop attacking other people, no one called you for judging illnesses, you'd better concentrate on your problems and for their cures.

and whoever has problems when hearing a free speech and thought and goes on personal ranting, then s/he definitely needs a cure. good luck, bye

@andreinwald
Copy link

Hi there,
I created a replacement for library uri-js

  • Based on Node.js and browser URL api
  • 99% compatible with original URI.js library
  • Solves "The punycode module is deprecated" warning in Node
  • Tested with libraries: ESLint, Webpack, Ajv

https://github.com/andreinwald/uri-js-replace

You can add to package.json of your project:

"overrides": {
    "uri-js": "npm:uri-js-replace"
}

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@types/punycode is available, now that we're using an actual module, there's no point in maintaining this file.

@sherif-amk
Copy link

any updates?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

punycode is deprecated, remove dependency