Bump requestretry from 4.0.0 to 7.0.0 by dependabot[bot] · Pull Request #466 · clearlydefined/crawler

dependabot · 2022-03-01T23:07:37Z

Bumps requestretry from 4.0.0 to 7.0.0.

Changelog

Sourced from requestretry's changelog.

7.0.0 (2022-02-21)

changes (2d822ad)

Prevent Cookie & Authorization Headers from being forwarded when the URL redirects to another domain (0979c60), closes #137

Release v7.0.0. (4569005)

Update leak.test.js (2768f5c)

Update leak.test.js (afa27ef)

Update README.md (5e1a63c)

Update README.md (ebf3471)

test: add more test (c7c47d6)

fix: 🤦 (3c0d686)

fix: breaking test suite (95e7a3b)

docs(changelog): updated (a450999)

6.0.0 (2021-08-24)

Release v6.0.0. (1b8ea5c)

fix: remove dependency on when in favor of native Promises (52d0603)

docs(changelog): updated (a1189ef)

5.0.0 (2021-02-16)

Create FUNDING.yml (8d9e398)

Hanlde EBUSY error from DNS resolver (dd80892), closes #128

Release v5.0.0. (7b53cff)

Update README.md (8d7ca0d)

docs(changelog): updated (aa9c2ea)

4.1.2 (2020-11-11)

fix (d98bb73)

Not use rewire for internal/private clone function (f8cac13)

Release v4.1.2. (6550c2a)

Update index.js (f76272e)

Update index.js (7e157f4)

Update index.js (a237f20)

Update index.js (8c85f72)

Update README.md (a6e72dd)

docs(changelog): updated (06c8557)

4.1.1 (2020-05-18)

... (truncated)

Commits

4569005 Release v7.0.0.
c7c47d6 test: add more test
f517344 Merge pull request #139 from Sampaguitas/master
2768f5c Update leak.test.js
afa27ef Update leak.test.js
2d822ad changes
3c0d686 fix: 🤦
95e7a3b fix: breaking test suite
42f7e79 Merge pull request #138 from Sampaguitas/master
0979c60 Prevent Cookie & Authorization Headers from being forwarded when the URL redi...
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

qtomlinson · 2024-01-25T23:26:56Z

@dependabot rebase

JamieMagee · 2026-01-15T19:47:03Z

@dependabot rebase

JamieMagee · 2026-01-26T17:12:31Z

@dependabot recreate

JamieMagee · 2026-01-26T17:20:54Z

I looked through how requestretry is used in this codebase - it's straightforward. Six files use it via .defaults() with basic options like maxAttempts, fullResponse, and json. Nothing fancy.

The version jump from 4.x to 7.x looks safe:

7.0.0 fixes a security issue where Cookie and Authorization headers could leak on cross-domain redirects
6.0.0 swaps the when promise library for native Promises (you can see this in the diff - when is removed as a dependency)
5.0.0 adds handling for EBUSY DNS errors

None of these break the API patterns this project uses.

One thing worth noting: the underlying request library was deprecated in 2020. This upgrade is fine to merge, but at some point the project should consider moving to something actively maintained (axios, got, or native fetch).

JamieMagee · 2026-01-26T17:41:41Z

@dependabot rebase

Bumps [requestretry](https://github.com/FGRibreau/node-request-retry) from 4.0.0 to 7.0.0. - [Release notes](https://github.com/FGRibreau/node-request-retry/releases) - [Changelog](https://github.com/FGRibreau/node-request-retry/blob/master/CHANGELOG.md) - [Commits](FGRibreau/node-request-retry@v4.0.0...v7.0.0) --- updated-dependencies: - dependency-name: requestretry dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Mar 1, 2022

MichaelTsengLZ force-pushed the master branch from 62c2b8e to f4e22db Compare June 1, 2022 01:10

dependabot bot force-pushed the dependabot/npm_and_yarn/requestretry-7.0.0 branch from d186a73 to 5904fa2 Compare June 21, 2022 18:53

dependabot bot force-pushed the dependabot/npm_and_yarn/requestretry-7.0.0 branch from 5904fa2 to 3e7ffe0 Compare January 25, 2024 23:27

dependabot bot force-pushed the dependabot/npm_and_yarn/requestretry-7.0.0 branch from 3e7ffe0 to 40e9a59 Compare January 15, 2026 19:48

dependabot bot force-pushed the dependabot/npm_and_yarn/requestretry-7.0.0 branch from 40e9a59 to 948a537 Compare January 26, 2026 17:13

dependabot bot force-pushed the dependabot/npm_and_yarn/requestretry-7.0.0 branch from 948a537 to 286968d Compare January 26, 2026 17:42

JamieMagee approved these changes Jan 26, 2026

View reviewed changes

JamieMagee merged commit fb6d2a1 into master Jan 26, 2026
2 checks passed

JamieMagee deleted the dependabot/npm_and_yarn/requestretry-7.0.0 branch January 26, 2026 17:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump requestretry from 4.0.0 to 7.0.0#466

Bump requestretry from 4.0.0 to 7.0.0#466
JamieMagee merged 1 commit intomasterfrom
dependabot/npm_and_yarn/requestretry-7.0.0

dependabot bot commented on behalf of github Mar 1, 2022 •

edited

Loading

Uh oh!

qtomlinson commented Jan 25, 2024

Uh oh!

JamieMagee commented Jan 15, 2026

Uh oh!

JamieMagee commented Jan 26, 2026

Uh oh!

JamieMagee commented Jan 26, 2026 •

edited

Loading

Uh oh!

JamieMagee commented Jan 26, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Mar 1, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

7.0.0 (2022-02-21)

6.0.0 (2021-08-24)

5.0.0 (2021-02-16)

4.1.2 (2020-11-11)

4.1.1 (2020-05-18)

Uh oh!

qtomlinson commented Jan 25, 2024

Uh oh!

JamieMagee commented Jan 15, 2026

Uh oh!

JamieMagee commented Jan 26, 2026

Uh oh!

JamieMagee commented Jan 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

JamieMagee commented Jan 26, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Mar 1, 2022 •

edited

Loading

JamieMagee commented Jan 26, 2026 •

edited

Loading