folz / bento

:bento: A fast, correct, pure-Elixir library for reading and writing Bencoded metainfo (.torrent) files.
Mozilla Public License 2.0
95 stars 14 forks source link

Bump dependents to newer versions. #15

Closed mogeko closed 1 year ago

mogeko commented 1 year ago

I plan to bump dependents to newer versions. It seems that Poison has changed the API, so errors can occur. I will update it manually and check it one by one.

Then I'm going to set up GitHub Dependabot, which automatically monitors dependencies and securely updates them.

To-do list:

To-do list out of this pr (for tracking):

mogeko commented 1 year ago

I gave up bump Poison to version 5.0.

Poison has adjusted the Poison.Decode in this commit.

https://github.com/devinus/poison/blob/282188af948da8460029e5e37ecefbad496fddfd/lib/poison/decoder.ex#L20-L25

They replaced options[:keys] with Map.get(options, :keys), which means that we must use Map instead of Keyword as options. Otherwise, an error will be reported.

iex(1)> Bento.decode("li1e3:twoli3eee")
** (BadMapError) expected a map, got: []
    (elixir 1.14.3) lib/map.ex:534: Map.get([], :as, nil)
    lib/poison/decoder.ex:21: Poison.Decode.transform/2
    (bento 1.0.0-dev) lib/bento.ex:77: Bento.decode/2
    iex:1: (file)

If we want to upgrade to version 5.0 of Poison without breaking changes, we have to use a polyfill like:

def decode(iodata, options \\ []) do
  with {:ok, parsed} <- Parser.parse(iodata) do
    {:ok, Poison.Decode.transform(parsed, Map.new(options))}
  end
end

It's too ugly to accept!

So I decided to pin the version of Poison to 3.1.

On the other hand, I found that we only used the function Poison.Decode.transform/2, and the development of Poison does not seem to be very active. Maybe we can implement it ourselves.