search

tidev / titanium-sdk

🚀 Native iOS and Android Apps with JavaScript
https://titaniumsdk.com/
Other
2.75k stars 1.21k forks source link

Replace "request" node package #14055

Open m1ga opened 3 months ago

m1ga commented 3 months ago

I have searched and made sure there are no existing issues for the issue I am filing

Description

For security reasons "request" should be removed in the package.json. It is used in the following places:

fetch should be a good replacement as we are using node v18 as a minimum now.

Solution

-

Alternatives

-

Platforms

CLI

AbdullahFaqeir commented 6 days ago

I'll take this!

cb1kenobi commented 6 days ago

Titanium CLI v7 requires Node.js 18 or newer, the SDK requires Node.js 16: https://github.com/tidev/titanium-sdk/blob/master/package.json#L172. We should use fetch() only if master is slated to be 13.0.0. If we plan to ship a 12.6.0, then we must use a user land package and I highly recommend undici.

cb1kenobi commented 6 days ago

Bah, and wouldn't you know it, undici requires Node 18. Nevermind that.

@AbdullahFaqeir you are welcome to do the work, but we can only merge it if master becomes 13.0.0.

AbdullahFaqeir commented 6 days ago

Eeeeh 🤗, I'll just do it for fun 😂, and we can all wait for the merge.