Got is a popular npm package that simplifies making HTTP requests. Comparing versions 6.7.1 and 6.7.0, developers will notice a very incremental update. The core dependencies remain identical, suggesting that the underlying functionalities for handling duplex streams, checking stream types, managing timeouts, retrieving stream data, identifying redirects, and ensuring safe buffer operations haven't undergone significant changes. The URL parsing, key handling, response unzipping, retry logic, and error class creation also remain consistent, indicating a stable API.
Similarly, the development dependencies used for testing, linting, code coverage, and mocking external services are unchanged between the two versions. Build tools like XO for linting, Ava for testing, NYC for coverage, and tools for handling PEM keys, promises, ports, temporary files, and continuous integration remain the same. Even tools for form data and stream conversion haven't been updated.
The key difference lies in the releaseDate. Version 6.7.1 was released a few hours after 6.7.0, suggesting that the update includes a bug fix or a minor tweak. Given the unchanged dependencies and the short interval between the two releases, developers can likely upgrade from 6.7.0 to 6.7.1 with confidence, anticipating minimal risk of breaking changes and improved stability. If you are experiencing minor issues with version 6.7.0, such as a sporadic bug, upgrading could resolve them without requiring code modifications. Always refer to the official changelog for comprehensive details on specific fixes and improvements.
All vulnerabilities related to version 6.7.1 of the package:
Got allows a redirect to a UNIX socket
The got package before 11.8.5 and 12.1.0 for Node.js allows a redirect to a UNIX socket.