Skip to content

Release Proposal 2.2.1 #644

New issue
New issue
Open
Task
Open
Release Proposal 2.2.1#644
Task
Labels
release
@Phillip9587

Description

@Phillip9587
Phillip9587
opened on Oct 3, 2025

What changed

  • refactor: move common request validation to read function
  • deps:
    • type-is@^2.0.1
    • iconv-lite@^0.7.0
    • raw-body@^3.0.1
    • debug@^4.4.3

Additionally, I’d like to include #642 to update debug to ^4.4.3 to force users to update from the compromised 4.4.2 version. Edit: #642 already merged

The critical change here is the iconv-lite update to 0.7.0, which addresses important issues.

A new release is needed to deduplicate iconv-lite in our dependency tree (see npmgraph). Currently, two versions of iconv-lite are being pulled in. Since iconv-lite is pre-1.0.0, semver treats ^0.6.3 like ~0.6.3 (it matches only 0.6.x), so it won’t float to 0.7.0. Releasing with iconv-lite@^0.7.0 lets npm dedupe our tree to a single 0.7.x.

Metadata

Metadata

Assignees

No one assigned

    Labels

    release

    Type

    Task

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions