Open dependabot[bot] opened 1 month ago
owenatgov
commented
1 month ago This problem is fairly obvious: we can't use require anymore if we want to continue using slug. We use require in all our tooling code and only use slug in one place: the slugify function in filters.js. It might be easier to look for an alternative to slug or write something ourself.
romaricpascal
commented
4 weeks ago Replacing slug by another function would be something we'd need to do cautiously as not all functions creating slugs behave the same (mostly along treatments of 'special' characters like apostrophes, parenthesis...).
I don't think there's a massive urgency to update here, and as more and more libraries switch to ESM only, we may need to consider switching to ESM altogether ourselves as well 🤔
romaricpascal
commented
4 weeks ago We could also:
filter.js into filter.mjs that'd allow using import. This may require (🥁 🐍 ) other files to be turned into .mjs file as well. import() (which is available in CommonJS files) to asynchronously import slugrequire ES Modulesromaricpascal
commented
3 weeks ago Testing locally, it seems upgrading to Node 22, which is finally LTS, makes the tests run smoothly as it allows requireing ES modules. I'll raise a separate PR for this and once it's merged, we can rebase and merge this one 😊
romaricpascal
commented
3 weeks ago @dependabot rebase
romaricpascal
commented
3 weeks ago @dependabot recreate
romaricpascal
commented
3 weeks ago Testing locally, it seems upgrading to Node 22, which is finally LTS, makes the tests run smoothly as it allows requireing ES modules. I'll raise a separate PR for this and once it's merged, we can rebase and merge this one 😊
That feature is actually behind a flag so I'm not quite sure what made it work, maybe I forgot to npm i after pulling and was still running against slug 9.x 🤔
Bumps slug from 9.1.0 to 10.0.0.
Changelog
Sourced from slug's changelog.
Commits
e0df06achore(release): 10.0.0 [skip ci]a8db3edESM only + move to webtestrunnner (#467)cf5321dchore: add Node.js 23 to test matrix (#469)0d8bbffchore(deps): bump cookie and engine.io (#468)3703bc1chore: update package-lock.json (#466)b740c0dchore(deps-dev): bump semantic-release from 24.1.1 to 24.1.2 (#465)e2a3b12chore(deps-dev): bump nyc from 17.0.0 to 17.1.0 (#464)23bab8echore(deps): bump body-parser from 1.20.2 to 1.20.3 (#463)6630102chore(deps-dev): bump standard from 17.1.0 to 17.1.2 (#462)82a0c65chore(deps-dev): bump semantic-release from 24.1.0 to 24.1.1 (#461)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show