Got is a popular npm package designed to simplify making HTTP/HTTPS requests. Comparing versions 3.3.1 and 3.3.0 reveals some key updates relevant to developers. In version 3.3.1, the primary difference lies in the dependencies. Specifically, object-assign has been updated from version 2.0.0 to 3.0.0, and read-all-stream has been updated from version 2.0.0 to 3.0.0. These updates likely include bug fixes, performance improvements, or new features within these underlying dependencies. While seemingly minor version bumps, such dependency updates can have cascading effects on the stability and performance of Got itself. Also version 3.3.1 include a new dependency statuses. Developers should review the changelogs of object-assign and read-all-stream to understand the specific changes introduced and their potential impact on how Got functions within their projects, but in many case is only bug fixing and security updates. Both versions maintain the same core set of dependencies like duplexify, is-stream, timed-out, is-redirect, prepend-http, infinity-agent, lowercase-keys, and nested-error-stacks, indicating a consistent core functionality. The devDependencies remain unchanged, suggesting that the testing and development environment hasn't been significantly altered. From a developer's perspective, upgrading to 3.3.1 is likely recommended to benefit from the latest dependency improvements and potential bug fixes, but a review of dependency changes is advised to ensure compatibility with existing code.
All the vulnerabilities related to the version 3.3.1 of the package
Got allows a redirect to a UNIX socket
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.
