github-actions[bot]
commented
10 months ago Thanks for suggesting these code changes. To set expectations:
- Pull requests are reviewed in batches, so it can take some time to get a response.
- Smaller pull requests are easier to review. To fix nine typos, nine specific issues will always go faster than one big one. Learn why here.
- Reviewers may not know as much as you about certain situations, so add links to supporting evidence for important claims, especially regarding standards for CSS, HTTP, URI, etc.
Finally, please be patient with the core team. They are trying their best with limited resources.
mather
Quick Summary: request is deprecated, and vulnerabilities have been reported in its dependency libraries. I replaced download feature using following libraries:
Ref: https://github.com/elm/compiler/commit/41ec49ed921a2409afda483eb9e29197e262fe27
Thought: axios also depends on the same libraries (follow-redirects, proxy-from-env), but there is no need to use Promise-based features. To improve maintainability, I believe that we should adopt libraries with simple enough functions to meet our needs,rather than relying on a library with many additional functions.