bitly - npm Package Compare versions

Comparing version 6.1.0 to 7.0.0

package.json

@@ -12,6 +12,5 @@ {
   "homepage": "https://github.com/tanepiper/node-bitly",
-  "version": "6.1.0",
+  "version": "7.0.0",
   "author": {
     "name": "Tane Piper",
-    "email": "piper.tane@gmail.com",
     "url": "https://github.com/tanepiper"
@@ -41,2 +40,6 @@ },
       "email": "specious@gmail.com"
+    },
+    {
+      "name": "Joshua Tzucker",
+      "url": "https://joshuatz.com/"
     }
@@ -52,6 +55,6 @@ ],
   "engines": {
-    "node": ">= 6.10.0"
+    "node": ">= 10.0.0"
   },
   "scripts": {
-    "test": "VCR_MODE=cache mocha -r ts-node/register --reporter list src/*.spec.ts",
+    "test": "mocha -r ts-node/register --reporter list src/*.spec.ts",
     "build": "npx tsc",
@@ -61,19 +64,17 @@ "docs": "rm -rf ./docs && npx typedoc --readme ./README.md --out ./docs && touch ./docs/.nojekyll"
   "devDependencies": {
-    "@types/chai": "^4.1.7",
-    "@types/node": "^12.0.8",
-    "@types/request-promise": "^4.1.44",
+    "@types/chai": "^4.2.10",
+    "@types/node": "^13.7.7",
     "chai": "^4.2.0",
-    "jsdoc": "^3.6.2",
+    "jsdoc": "^3.6.3",
     "minami": "^1.2.3",
-    "mocha": "^6.1.4",
+    "mocha": "^7.1.0",
     "mocha-typescript": "^1.1.17",
-    "np": "^5.0.3",
-    "sepia": "^2.0.2",
-    "ts-node": "^8.2.0",
-    "typedoc": "^0.14.2",
-    "typescript": "^3.5.2"
+    "np": "^5.2.1",
+    "replay": "^2.4.0",
+    "ts-node": "^8.6.2",
+    "typedoc": "^0.16.11",
+    "typescript": "^3.8.3"
   },
   "dependencies": {
-    "request": "^2.88.0",
-    "request-promise": "^4.2.4",
+    "axios": "^0.19.2",
     "valid-url": "^1.0.9"
@@ -80,0 +81,0 @@ },

README.md

@@ -5,11 +5,30 @@ # node-bitly - Unofficial Bitly API for nodejs
 
-## Current Versions
+### V6.x.x to V7.x.x transition - aka V3 of Bitly API to V4 - Breaking Changes
+In March 2020, Bitly deprecated the v3 of their API, and switched to v4. Unfortunately, even with the changes to this package to make it compatible, there are several unavoidable breaking changes. These are summarized below:
+ - Endpoints no longer support bulk options (multiple hashes or URLs in a single request)
+   - Most importantly, this affects `expand()` and `shorten()`
+   - As a general rule of thumb, *none* of the v4 endpoints take bulk inputs
+ - Return types have changed, for multiple endpoints
+ - DEPRECATED: The `lookup` method and corresponding endpoint have been deprecated
+ 
+With these changes all previous versions of this library are now full deprecated and there is only 1 version starting with v7.0.0
 
-* [v6.0.x](https://github.com/tanepiper/node-bitly) - Support for Node >=6. Available on npm as `npm install bitly@latest`
-* [v5.1.x](https://github.com/tanepiper/node-bitly/tree/v5.x.x) - Support for Node >=4. Available on npm as `npm install bitly@stable`
+Here is a simple example of how you might have to update your use of node-bitly to account for the change:
+```js
+// Both versions
+const BitlyClient = require('bitly').BitlyClient;
+const bitly = new BitlyClient('<accessToken>');
 
-Version 5 is end-of-life and will only recieve minor updates in the future and is considered stable.  This will only ever support the **Bitly v3** API
+// v6.1.0
+async function example(url) {
+  const response = await bitly.shorten(url);
+  console.log(`Your shortened bitlink is ${response.url}`);
+}
+// v7.x.x
+async function example(url) {
+  const response = await bitly.shorten(url);
+  console.log(`Your shortened bitlink is ${response.link}`);
+}
+```
 
-Version 6 is the current in-development version, re-written in Typescript. This version currently only supports the **Bitly v3** API and will continue to do so in `v6.0.x`. Version `6.1.x` will introduce **Bitly v4** support.
-
 ## Module Features
@@ -19,8 +38,6 @@
 
-For more information on the API request and responses visit the [Bitly API docs](https://dev.bitly.com/api.html)
+For more information on the API request and responses visit the [Bitly API docs](https://dev.bitly.com/v4_documentation.html)
 
-`node-bitly` is programmed with `TypeScript` but is compiled to JavaScript and supports `node 6, 8, 10`.  When you import the client you get full type information.  There maybe be some gaps in the information but this will be filled in, in future releases.
+`node-bitly` is programmed with `TypeScript` but is compiled to JavaScript and supports `node >= 10.0.0`.  When you import the client you get full type information.  There maybe be some gaps in the information but this will be filled in, in future releases.
 
-**Currently `node-bitly` only supports Bitly's `v3` API and has this hard coded in the parameter type.  Support for version 4 will be added in a future release**
-
 ## Installation
@@ -45,3 +62,3 @@
 
-```js
+```ts
 import { BitlyClient } from 'bitly';
@@ -63,2 +80,22 @@ const bitly = new BitlyClient('<accessToken>', {});
 
+When the library throws an error, it should be the error object response from Bitly, but if something has gone wrong with your internet or intermediate requests, it is possible that a generic AxiosError might get returned. You can use an exported Type Guard to narrow the type:
+```ts
+import {BitlyClient, isBitlyErrResponse} from 'bitly';
+const bitly = new BitlyClient(process.env.BITLY_API_KEY);
+let data: BitlyLink;
+
+try {
+  data = await bitly.shorten('http://bit.ly/38XaXKy');
+} catch (error) {
+  if (isBitlyErrResponse(error)) {
+    // Inferred type by TS is `BitlyErrorResponse`
+    console.log(`Bitly error: ${error.description}`);
+  } else if (error.isAxiosError) {
+    // Infererred type is `any`, but you can cast to AxiosError safely
+    const axiosError = error as unknown as AxiosError;
+    console.log(`AxiosError:`, axiosError.toJSON());
+  }
+}
+```
+
 #### JavaScript
@@ -115,9 +152,6 @@
 
-To run tests type `npm test`. Please note one test will fail if you use your own API key, please update the string accordingly.
+To run tests type `npm test`.
 
-## Support This Project
-This module is a side project of mine and I don't actively use the module except to completly over-engineer the CI pipeline and re-write it in Typescript all in the name of learning.  But to add features like the v4 API would take a lot of work, so if you use this library a lot please consider donating using the links below. Or if you learned something useful from one of my blog posts talking about the changes I've done with this module please consider leaving a tip.
+The tests use [`replay`](https://www.npmjs.com/package/replay), which caches the responses from Bitly under the `/fixtures` directory, until you edit a test's requests payload. This means you can run the test suite without having a Bitly API key, until you need to edit or add a new test.
 
-[![Beerpay](https://beerpay.io/tanepiper/node-bitly/badge.svg?style=beer-square)](https://beerpay.io/tanepiper/node-bitly)  [![Beerpay](https://beerpay.io/tanepiper/node-bitly/make-wish.svg?style=flat-square)](https://beerpay.io/tanepiper/node-bitly?focus=wish)
-
-You can also [PayPal Me](https://paypal.me/tanepiper).
+Once you need to run tests that can't use a cached response and actually hit Bitly's API, you will need to pass your API key to the tests by having an environment variable `BITLY_API_KEY` set to the value of your key.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Empty package

Supply chain risk

Package does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Deprecated

Maintenance

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

Found 1 instance in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 2 instances in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

Improved metrics

Dependency count

2

decreased by-33.33%

Dev dependency count

12

decreased by-7.69%

Number of low quality alerts

0

decreased by-100%

Number of lines in readme file

153

increased by28.57%

Number of medium supply chain risk alerts

2

decreased by-33.33%

Worsened metrics

Total package byte prevSize

8472

decreased by-98.66%

Number of package files

3

decreased by-93.33%

Lines of code

0

decreased by-100%

Dependency changes

• + Addedaxios@^0.19.2

• + Addedaxios@0.19.2(transitive)

• + Addedfollow-redirects@1.5.10(transitive)

• - Removedrequest@^2.88.0

• - Removedrequest-promise@^4.2.4

• - Removedajv@6.12.6(transitive)

• - Removedasn1@0.2.6(transitive)

• - Removedassert-plus@1.0.0(transitive)

• - Removedasynckit@0.4.0(transitive)

• - Removedaws-sign2@0.7.0(transitive)

• - Removedaws4@1.13.2(transitive)

• - Removedbcrypt-pbkdf@1.0.2(transitive)

• - Removedbluebird@3.7.2(transitive)

• - Removedcaseless@0.12.0(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removedcore-util-is@1.0.2(transitive)

• - Removeddashdash@1.14.1(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removedecc-jsbn@0.1.2(transitive)

• - Removedextend@3.0.2(transitive)

• - Removedextsprintf@1.3.0(transitive)

• - Removedfast-deep-equal@3.1.3(transitive)

• - Removedfast-json-stable-stringify@2.1.0(transitive)

• - Removedforever-agent@0.6.1(transitive)

• - Removedform-data@2.3.3(transitive)

• - Removedgetpass@0.1.7(transitive)

• - Removedhar-schema@2.0.0(transitive)

• - Removedhar-validator@5.1.5(transitive)

• - Removedhttp-signature@1.2.0(transitive)

• - Removedis-typedarray@1.0.0(transitive)

• - Removedisstream@0.1.2(transitive)

• - Removedjsbn@0.1.1(transitive)

• - Removedjson-schema@0.4.0(transitive)

• - Removedjson-schema-traverse@0.4.1(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedjsprim@1.4.2(transitive)

• - Removedlodash@4.17.21(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedoauth-sign@0.9.0(transitive)

• - Removedperformance-now@2.1.0(transitive)

• - Removedpsl@1.15.0(transitive)

• - Removedpunycode@2.3.1(transitive)

• - Removedqs@6.5.3(transitive)

• - Removedrequest@2.88.2(transitive)

• - Removedrequest-promise@4.2.6(transitive)

• - Removedrequest-promise-core@1.1.4(transitive)

• - Removedsafe-buffer@5.2.1(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• - Removedsshpk@1.18.0(transitive)

• - Removedstealthy-require@1.1.1(transitive)

• - Removedtough-cookie@2.5.0(transitive)

• - Removedtunnel-agent@0.6.0(transitive)

• - Removedtweetnacl@0.14.5(transitive)

• - Removeduri-js@4.4.1(transitive)

• - Removeduuid@3.4.0(transitive)

• - Removedverror@1.10.0(transitive)