Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose of this pull request?
Updating a dependency that has security vulnerabilities reported, due to out-of-date subdependencies.
What changes did you make?
I updated the
got
library to v11, which is the latest that can be used without switching to ESM-only. The only thing that it's currently being used for is to pull a blacklist from the web when installing a generator. The only change that was relevant was removing the{json: true}
config in favor of the.json()
function to return a Promise with a JSON body.This package currently uses
got
v8, here are the releases between then and v11:https://github.com/sindresorhus/got/releases/tag/v11.0.0
https://github.com/sindresorhus/got/releases/tag/v10.0.0
https://github.com/sindresorhus/got/releases/tag/v9.0.0
Is there anything you'd like reviewers to focus on?
The
http://yeoman.io/blacklist.json
website doesn't seem to exist - when I go to it in my browser I get a 404. Is this functionality even working currently, or should there be a different blacklist URL?