Releases: MajorTanya/itty-compression
@major-tanya/itty-compression v0.2.2
89af466This release covers several security fixes:
- CVE-2024-4067, which affects micromatch < 4.0.8, which globby and other project devDependencies transitively depend on via fast-glob (upgraded to 4.0.8)
- CVE-2024-45811 and CVE-2024-45812, which affect vite >=5.3.0, <=5.3.5, which vitest depends on (upgraded to 5.4.8)
- CVE-2024-47068, which affects rollup >=4.0.0, <4.22.4 (upgraded to 4.22.4)
Other changes:
- Bumped dependencies
Full Changelog: v0.2.1...v0.2.2
@major-tanya/itty-compression v0.2.1
bf2939aThis release covers a security fix for CVE-2024-4068, which affected braces < 3.0.3 (which globby transitively depends on via fast-glob and micromatch). These upgrades mean braces 3.0.3 is now used under the hood.
- Bumped dependencies
Full Changelog: v0.2.0...v0.2.1
@major-tanya/itty-compression v0.2.0
767ccf2This is a breaking change, see “How to migrate”
This release is a substantial rewrite of the inner mechanics of itty-compression.
Changes:
- (BREAKING) Swapped order of arguments (now
Responsecomes first,Requestcomes second) - (BREAKING) Middlewares can now only accept
Responseobjects for their input and not arbitrary content (make sure you have a formatter/handler middleware set before any of the compression ones) - Fixed Vary header not being added/updated when using the single algorithm middlewares
- Make use of generics in internal systems
How to migrate
- Swap the argument order of
RequestandResponselike this:
// example export, your exact setup might look different
export default {
fetch: (request, ...args) => router
.handle(...args)
.then(json)
- .then((response) => negotiatedCompression(request, response))
+ .then((response) => negotiatedCompression(response, request))
.catch(error),
};This swapping was necessary to allow for very concise syntax with itty-router's more batteries-included v5 routers. Also, check out whether AutoRouter or the medium Router may be useful to you, they are more concise than the v4 router (which still exists as IttyRouter now).
Although this is a breaking release, it is only a minor version increase, as itty-compression is not considered stable at this time. There are no further breaking changes like this expected in the future, but that is not a guarantee they won't happen.
Full Changelog: v0.1.6...v0.2.0
@major-tanya/itty-compression v0.1.6
v0.1.5 was missing the build step and ended up as an empty package on NPM. It has been unpublished.
- Fixed missing build step in publishing workflow
Full Changelog: v0.1.5...v0.1.6
@major-tanya/itty-compression v0.1.5
Do not use v0.1.5, it was missing files, use v0.1.6+
This release introduces Provenance to the itty-compression package, which keeps a public ledger of the build commit, the build instructions, and such related information. It is also displayed on NPM itself.
This release includes:
- New
publishworkflow with--provenanceoption - Bumped dependencies
- Typo fix in a test case description
Full Changelog: v0.1.4...v0.1.5
@major-tanya/itty-compression v0.1.4
This release covers a security fix for CVE-2024-23331, which affected vite =>5.0.0 (which vitest depended on). These upgrades mean vite 5.0.12 is now used under the hood.
- Bumped dependencies
Full Changelog: v0.1.3...v0.1.4
@major-tanya/itty-compression v0.1.3
This release covers a security fix for CVE-2023-49293, which affected vite 4.5.0 (which vitest depended on). These upgrades mean vite 5.x is now used under the hood.
- Bumped dependencies
The badges for the middleware sizes in the README.md should now send you to the bundlejs.com website for each of the middlewares.
Full Changelog: v0.1.2...v0.1.3
@major-tanya/itty-compression v0.1.2
- FIXED
statusandstatusTextof intermediate Responses being set to200andOK, respectively, for all intermediate Responses. - Bumped dependencies
Full Changelog: v0.1.1...v0.1.2
@major-tanya/itty-compression v0.1.1
- ADDED
engines: node >=18topackage.json
Full Changelog: v0.1.0...v0.1.1
@major-tanya/itty-compression v0.1.0
Initial Release