Prerender Laravel pages using Clusteer and this nice package.

Renoki Co.

Last update: Aug 10, 2022

Related tags

Laravel php http middleware laravel browser prerender render puppeteer clusteer

Overview

Laravel Clusteer Prerender

Prerender Laravel pages using Clusteer and this nice package.

🤝 Supporting

If you are using one or more Renoki Co. open-source packages in your production apps, in presentation demos, hobby projects, school projects or so, spread some kind words about our work or sponsor our work via Patreon. 📦

🚀 Installation

You can install the package via composer:

composer require renoki-co/laravel-prerender

This package leverages Clusteer, a Puppeteer wrapper written for PHP which is way faster than traditional packages by running a long-lived process that can execute Puppeteer commands by opening new pages instead of opening new browsers for each website.

Clusteer is already installed when you will be installing Laravel Prerender, all you need to do is to read the installation guide for Clusteer

After you have configured Clusteer, you may start the server with:

php artisan clusteer:serve

🙌 Usage

Laravel Prerender comes with a middleware you can attach to your web routes.

use App\Http\Controller;
use RenokiCo\LaravelPrerender\Middleware\ShouldPrerender;

class Dashboard extends Controller
{
    public function __construct()
    {
        $this->middleware([
            ShouldPrerender::class,
        ]);
    }

    public function index()
    {
        return view('welcome');
    }
}

Prerendering Technique

The default prerendering instructions are the following:

use Illuminate\Http\Request;
use Jenssegers\Agent\Facades\Agent;
use RenokiCo\LaravelPrerender\Prerender;

Prerender::shouldPrerender(function (Request $request) {
    // Avoid infinite loop by excluding Clusteerbot/3.0 from prerendering,
    // because Clusteer is mimicking the browser.
    if ($request->isFromClusteerBot()) {
        return false;
    }

    if (! is_null($request->query('_escaped_fragment_'))) {
        return true;
    }

    if (Agent::isRobot() || $request->hasHeader('X-BUFFERBOT')) {
        return true;
    }

    return false;
});

You may overwrite the prerender technique in your AppServiceProvider's boot() method. Make sure to also avoid prerendering in case the User-Agent header is Clusteerbot/3.0. In the future, this header might change according to the package updates, but they will be marked as breaking changes.

use Illuminate\Http\Request;
use RenokiCo\LaravelPrerender\Prerender;

Prerender::shouldPrerender(function (Request $request) {
    // Avoid infinite loop by excluding Clusteerbot/3.0 from prerendering,
    // because Clusteer is mimicking the browser.
    if ($request->isFromClusteerBot()) {
        return false;
    }

    return $request->isGoogleBot();
});

Mutating the Clusteer request

The prerendering will be made using Clusteer's built-in PHP functions to get the rendered HTML. In some cases, you might want to modify the Clusteer's state with additional configs.

The $clusteer object is already initialized like below. You are free to append your own methods via the mutateClusteerOnRequest method in your AppServiceProvider's boot method:

Clusteer::to($request->fullUrl())
    ->waitUntilAllRequestsFinish()
    ->setUserAgent('Clusteerbot/3.0')
    ->withHtml();

use RenokiCo\LaravelPrerender\Prerender;

Prerender::mutateClusteerOnRequest(function (Clusteer $clusteer, Request $request) {
    return $clusteer->blockExtensions(['.css']);
});

🐛 Testing

vendor/bin/phpunit

🤝 Contributing

Please see CONTRIBUTING for details.

🔒 Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

🎉 Credits

Comments

Update guzzlehttp/guzzle requirement from ^6.5|^7.0 to ^7.4.2
Updates the requirements on guzzlehttp/guzzle to permit the latest version.

Release notes

Sourced from guzzlehttp/guzzle's releases.

Release 7.4.2

See change log for changes.

Changelog

Sourced from guzzlehttp/guzzle's changelog.

7.4.2 - 2022-03-20

Fixed

Remove curl auth on cross-domain redirects to align with the Authorization HTTP header

Reject non-HTTP schemes in StreamHandler

Set a default ssl.peer_name context in StreamHandler to allow force_ip_resolve

7.4.1 - 2021-12-06

Changed

Replaced implicit URI to string coercion #2946

Allow symfony/deprecation-contracts version 3 #2961

Fixed

Only close curl handle if it's done #2950

7.4.0 - 2021-10-18

Added

Support PHP 8.1 #2929, #2939

Support psr/log version 2 and 3 #2943

Fixed

Make sure we always call restore_error_handler() #2915

Fix progress parameter type compatibility between the cURL and stream handlers #2936

Throw InvalidArgumentException when an incorrect headers array is provided #2916, #2942

Changed

Be more strict with types #2914, #2917, #2919, #2945

7.3.0 - 2021-03-23

Added

Support for DER and P12 certificates #2413

Support the cURL (http://) scheme for StreamHandler proxies #2850

Support for guzzlehttp/psr7:^2.0 #2878

Fixed

Handle exceptions on invalid header consistently between PHP versions and handlers #2872

7.2.0 - 2020-10-10

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies php
opened by dependabot[bot] 6
Laravel 9.x
This pull request includes changes from your build using the "Shift Workbench".

Before merging, you need to:

Checkout the shift-build-2349 branch

Review all comments for additional changes

Thoroughly test your application

Don't hesitate to send your feedback to [email protected] or share your :heart: for Shift on Twitter.
wontfix
opened by rennokki 5
Bump actions/setup-node from 3.4.1 to 3.5.1
Bumps actions/setup-node from 3.4.1 to 3.5.1.

Release notes

Sourced from actions/setup-node's releases.

Update @actions/core and Print Node, Npm, Yarn versions

In scope of this release we updated actions/core to 1.10.0. Moreover, we added logic to print Nodejs, Npm, Yarn versions after installation.

Add support for engines.node and Volta

In scope of this release we add support for engines.node. The action will be able to grab the version form package.json#engines.node. actions/setup-node#485. Moreover, we added support for Volta

Besides, we updated @actions/core to 1.9.1 and @actions/cache to 3.0.4

Commits

8c91899 Update @actions/core to 1.10.0 (#587)

c81d8ad Print node, npm and yarn versions after installation (#368)

c96ab56 Add information about always-auth input (#585)

969bd26 Fix test volta priority (#577)

9f3a02b Merge pull request #532 from jef/main

4cffe5c chore: remove sponge usage

0efefb3 Merge remote-tracking branch 'upstream/main'

1e6f2cd test: add volta e2e test

30f0e7d Update @actions/core to 1.9.1 (#574)

c8f0d10 upgrade @action/cache to 3.0.4 to fix stuck issue (#573)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies github_actions
opened by dependabot[bot] 3
Update express requirement from ^4.17.2 to ^4.18.2
Updates the requirements on express to permit the latest version.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies javascript
opened by dependabot[bot] 3
Bump dotenv from 8.6.0 to 16.0.3
Bumps dotenv from 8.6.0 to 16.0.3.

Changelog

Sourced from dotenv's changelog.

16.0.3 (2022-09-29)

Changed

Added library version to debug logs (#682)

16.0.2 (2022-08-30)

Added

Export env-options.js and cli-options.js in package.json for use with downstream dotenv-expand module

16.0.1 (2022-05-10)

Changed

Minor README clarifications

Development ONLY: updated devDependencies as recommended for development only security risks (#658)

16.0.0 (2022-02-02)

Added

Breaking: Backtick support 🎉 (#615)

If you had values containing the backtick character, please quote those values with either single or double quotes.

15.0.1 (2022-02-02)

Changed

Properly parse empty single or double quoted values 🐞 (#614)

15.0.0 (2022-01-31)

v15.0.0 is a major new release with some important breaking changes.

Added

Breaking: Multiline parsing support (just works. no need for the flag.)

Changed

Breaking: # marks the beginning of a comment (UNLESS the value is wrapped in quotes. Please update your .env files to wrap in quotes any values containing #. For example: SECRET_HASH="something-with-a-#-hash").

..Understandably, (as some teams have noted) this is tedious to do across the entire team. To make it less tedious, we recommend using dotenv cli going forward. It's an optional plugin that will keep your .env files in sync between machines, environments, or team members.

Removed

Breaking: Remove multiline option (just works out of the box now. no need for the flag.)

... (truncated)

Commits

560df15 v16.0.3

b56599c Update CHANGELOG

7ccc595 Merge pull request #682 from motdotla/version-in-log

dd9700d Remove info log as it currently effects preload options

7ba1c1c Introduce improved logging detail

ca68067 Update README

d905daa Update README

40e7544 Update README

1e4c69f Update README

b2a3164 Merge pull request #672 from elliotwaite/patch-1

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies javascript
opened by dependabot[bot] 3
Bump codecov/codecov-action from 2.1.0 to 3.1.1
Bumps codecov/codecov-action from 2.1.0 to 3.1.1.

Release notes

Sourced from codecov/codecov-action's releases.

3.1.1

What's Changed

Update deprecation warning by @slifty in codecov/codecov-action#661

Create codeql-analysis.yml by @mitchell-codecov in codecov/codecov-action#593

build(deps): bump node-fetch from 3.2.3 to 3.2.4 by @dependabot in codecov/codecov-action#714

build(deps-dev): bump typescript from 4.6.3 to 4.6.4 by @dependabot in codecov/codecov-action#713

README: fix typo by @Evalir in codecov/codecov-action#712

build(deps): bump github/codeql-action from 1 to 2 by @dependabot in codecov/codecov-action#724

build(deps-dev): bump @types/jest from 27.4.1 to 27.5.0 by @dependabot in codecov/codecov-action#717

fix: Remove a blank row by @johnmanjiro13 in codecov/codecov-action#725

Update README.md with correct badge version by @gsheni in codecov/codecov-action#726

build(deps-dev): bump @types/node from 17.0.25 to 17.0.33 by @dependabot in codecov/codecov-action#729

build(deps-dev): downgrade @types/node to 16.11.35 by @dependabot in codecov/codecov-action#734

build(deps): bump actions/checkout from 2 to 3 by @dependabot in codecov/codecov-action#723

build(deps): bump @actions/github from 5.0.1 to 5.0.3 by @dependabot in codecov/codecov-action#733

build(deps): bump @actions/core from 1.6.0 to 1.8.2 by @dependabot in codecov/codecov-action#732

build(deps-dev): bump @types/node from 16.11.35 to 16.11.36 by @dependabot in codecov/codecov-action#737

Create scorecards-analysis.yml by @mitchell-codecov in codecov/codecov-action#633

build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0 by @dependabot in codecov/codecov-action#749

fix: add more verbosity to validation by @thomasrockhu-codecov in codecov/codecov-action#747

build(deps-dev): bump typescript from 4.6.4 to 4.7.3 by @dependabot in codecov/codecov-action#755

Regenerate scorecards-analysis.yml by @mitchell-codecov in codecov/codecov-action#750

build(deps-dev): bump @types/node from 16.11.36 to 16.11.39 by @dependabot in codecov/codecov-action#759

build(deps-dev): bump @types/node from 16.11.39 to 16.11.40 by @dependabot in codecov/codecov-action#762

build(deps-dev): bump @vercel/ncc from 0.33.4 to 0.34.0 by @dependabot in codecov/codecov-action#746

build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 by @dependabot in codecov/codecov-action#757

build(deps): bump openpgp from 5.2.1 to 5.3.0 by @dependabot in codecov/codecov-action#760

build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 by @dependabot in codecov/codecov-action#748

build(deps-dev): bump typescript from 4.7.3 to 4.7.4 by @dependabot in codecov/codecov-action#766

Switch to v3 by @thomasrockhu in codecov/codecov-action#774

Fix network entry in table by @kevmoo in codecov/codecov-action#783

Trim arguments after splitting them by @mitchell-codecov in codecov/codecov-action#791

build(deps): bump openpgp from 5.3.0 to 5.4.0 by @dependabot in codecov/codecov-action#799

build(deps): bump @actions/core from 1.8.2 to 1.9.1 by @dependabot in codecov/codecov-action#798

Plumb failCi into verification function. by @RobbieMcKinstry in codecov/codecov-action#769

release: update changelog and version to 3.1.1 by @thomasrockhu-codecov in codecov/codecov-action#828

New Contributors

@slifty made their first contribution in codecov/codecov-action#661

@Evalir made their first contribution in codecov/codecov-action#712

@johnmanjiro13 made their first contribution in codecov/codecov-action#725

@gsheni made their first contribution in codecov/codecov-action#726

@kevmoo made their first contribution in codecov/codecov-action#783

@RobbieMcKinstry made their first contribution in codecov/codecov-action#769

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1

v3.1.0

3.1.0

Features

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

3.1.1

Fixes

#661 Update deprecation warning

#593 Create codeql-analysis.yml

#712 README: fix typo

#725 fix: Remove a blank row

#726 Update README.md with correct badge version

#633 Create scorecards-analysis.yml

#747 fix: add more verbosity to validation

#750 Regenerate scorecards-analysis.yml

#774 Switch to v3

#783 Fix network entry in table

#791 Trim arguments after splitting them

#769 Plumb failCi into verification function.

Dependencies

#713 build(deps-dev): bump typescript from 4.6.3 to 4.6.4

#714 build(deps): bump node-fetch from 3.2.3 to 3.2.4

#724 build(deps): bump github/codeql-action from 1 to 2

#717 build(deps-dev): bump @types/jest from 27.4.1 to 27.5.0

#729 build(deps-dev): bump @types/node from 17.0.25 to 17.0.33

#734 build(deps-dev): downgrade @types/node to 16.11.35

#723 build(deps): bump actions/checkout from 2 to 3

#733 build(deps): bump @actions/github from 5.0.1 to 5.0.3

#732 build(deps): bump @actions/core from 1.6.0 to 1.8.2

#737 build(deps-dev): bump @types/node from 16.11.35 to 16.11.36

#749 build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0

#755 build(deps-dev): bump typescript from 4.6.4 to 4.7.3

#759 build(deps-dev): bump @types/node from 16.11.36 to 16.11.39

#762 build(deps-dev): bump @types/node from 16.11.39 to 16.11.40

#746 build(deps-dev): bump @vercel/ncc from 0.33.4 to 0.34.0

#757 build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1

#760 build(deps): bump openpgp from 5.2.1 to 5.3.0

#748 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0

#766 build(deps-dev): bump typescript from 4.7.3 to 4.7.4

#799 build(deps): bump openpgp from 5.3.0 to 5.4.0

#798 build(deps): bump @actions/core from 1.8.2 to 1.9.1

3.1.0

Features

#699 Incorporate xcode arguments for the Codecov uploader

Dependencies

#694 build(deps-dev): bump @vercel/ncc from 0.33.3 to 0.33.4

#696 build(deps-dev): bump @types/node from 17.0.23 to 17.0.25

#698 build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0

3.0.0

Breaking Changes

#689 Bump to node16 and small fixes

... (truncated)

Commits

d9f34f8 release: update changelog and version to 3.1.1 (#828)

0e9e7b4 Plumb failCi into verification function. (#769)

7f20bd4 build(deps): bump @actions/core from 1.8.2 to 1.9.1 (#798)

13bc253 build(deps): bump openpgp from 5.3.0 to 5.4.0 (#799)

5c0da1b Trim arguments after splitting them (#791)

68d5f6d Fix network entry in table (#783)

2a829b9 Switch to v3 (#774)

8e09eaf build(deps-dev): bump typescript from 4.7.3 to 4.7.4 (#766)

39e2229 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 (#748)

b2b7703 build(deps): bump openpgp from 5.2.1 to 5.3.0 (#760)

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies github_actions
opened by dependabot[bot] 3
Bump actions/cache from 3.0.1 to 3.0.4
Bumps actions/cache from 3.0.1 to 3.0.4.

Release notes

Sourced from actions/cache's releases.

v3.0.4

In this release, we have fixed the tar creation error while trying to create it with path as ~/ home folder on ubuntu-latest.

v3.0.3

Fixed avoiding empty cache save when no files are available for caching. (actions/cache#624)

v3.0.2

This release adds the support for dynamic cache size cap on GHES.

Changelog

Sourced from actions/cache's changelog.

3.0.1

Added support for caching from GHES 3.5.

Fixed download issue for files > 2GB during restore.

3.0.2

Added support for dynamic cache size cap on GHES.

3.0.3

Fixed avoiding empty cache save when no files are available for caching. (issue)

3.0.4

Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)

Commits

c3f1317 Merge pull request #813 from actions/users/kotewar/upgrading-cache-to-v2.0.6

d0a54b9 Fixed typo

8c5bd0c Updated README file with release info

c9c0f73 Merge pull request #812 from actions/users/kotewar/upgrading-cache-to-v2.0.6

2b6caae Merge pull request #495 from ostera/patch-1

dd58d13 Added release info and upgraded version

acace7f Merge branch 'main' into patch-1

438628a Merge pull request #554 from albertstill/improve-restore-key-docs

c296e6a Updated @actions/cache version in license file

7ed7f22 Updated actions/cache to v2.0.6

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies github_actions
opened by dependabot[bot] 3
Bump actions/setup-node from 3.1.0 to 3.3.0
Bumps actions/setup-node from 3.1.0 to 3.3.0.

Release notes

Sourced from actions/setup-node's releases.

Add support for lts/-n aliases

In scope of this release we added support for lts/-n aliases, improve logic for current, latest and node aliases to handle them from toolcache, update ncc package.

Support of lts/-n aliases

Related pull request: actions/setup-node#481

Related issue: actions/setup-node#26

steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: node-version: lts/-1 - run: npm ci - run: npm test

Minor improvements

Update zeit/ncc to vercel/ncc: actions/setup-node#476

Get latest version from cache if exists: actions/setup-node#496

Add current, node, latest aliases

In scope of this release we added new aliases to install the latest Node.js version. actions/setup-node#483

steps: - uses: actions/checkout@v3 - uses: actions/setup-node@v3 with: node-version: current - run: npm ci - run: npm test

Update actions/cache version to 2.0.2

In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-node#460)

Commits

eeb10cf Support lts/-n aliases (#481)

ed1a46e Update zeit/ncc to vercel/ncc (#476)

daff393 Merge pull request #496 from panticmilos/v-mpantic/get-latest-version-from-cache

b14573d remove installer import

7569de0 rename dist manifest to node versions

b20a256 get manifest once

ea3459b docs: Update advanced-usage.md (#495)

141334f remove unnecessary dist call

808c8f9 remove bumping deps

fd1b409 unit tests

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies github_actions
opened by dependabot[bot] 3
Bump dotenv from 8.6.0 to 16.0.1
Bumps dotenv from 8.6.0 to 16.0.1.

Changelog

Sourced from dotenv's changelog.

16.0.1 (2022-05-10)

Changed

Minor README clarifications

Development ONLY: updated devDependencies as recommended for development only security risks (#658)

16.0.0 (2022-02-02)

Added

Breaking: Backtick support 🎉 (#615)

If you had values containing the backtick character, please quote those values with either single or double quotes.

15.0.1 (2022-02-02)

Changed

Properly parse empty single or double quoted values 🐞 (#614)

15.0.0 (2022-01-31)

v15.0.0 is a major new release with some important breaking changes.

Added

Breaking: Multiline parsing support (just works. no need for the flag.)

Changed

Breaking: # marks the beginning of a comment (UNLESS the value is wrapped in quotes. Please update your .env files to wrap in quotes any values containing #. For example: SECRET_HASH="something-with-a-#-hash").

..Understandably, (as some teams have noted) this is tedious to do across the entire team. To make it less tedious, we recommend using dotenv cli going forward. It's an optional plugin that will keep your .env files in sync between machines, environments, or team members.

Removed

Breaking: Remove multiline option (just works out of the box now. no need for the flag.)

14.3.2 (2022-01-25)

Changed

Preserve backwards compatibility on values containing # 🐞 (#603)

14.3.1 (2022-01-25)

Changed

Preserve backwards compatibility on exports by re-introducing the prior in-place exports 🐞 (#606)

... (truncated)

Commits

b016108 Version bump - patch 16.0.1

582afcd Update CHANGELOG

b5d6c02 Merge pull request #658 from motdotla/dev-dep-updates

f71fdcd Update various dev dependencies

6be370b Update dev dependency @types/node

0318510 Update links in README

1c2092c Change link

578574c Update README

5e2f74a Update README

49256ae Update README

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies javascript
opened by dependabot[bot] 3
Update express requirement from ^4.17.2 to ^4.18.1
Updates the requirements on express to permit the latest version.

Release notes

Sourced from express's releases.

4.18.1

Fix hanging on large stack of sync routes

Changelog

Sourced from express's changelog.

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

d854c43 4.18.1

b02a95c build: [email protected]

631ada0 Fix hanging on large stack of sync routes

75e0c7a bench: remove unused parameter

e2482b7 build: [email protected]

2df96e3 build: [email protected]

a38fae1 build: [email protected]

547fdd4 4.18.0

0b330ef bench: print latency and vary connections

158a170 build: support Node.js 18.x

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies javascript
opened by dependabot[bot] 3
Bump actions/setup-node from 2.5.1 to 3
Bumps actions/setup-node from 2.5.1 to 3.

Release notes

Sourced from actions/setup-node's releases.

v3.0.0

In scope of this release we changed version of the runtime Node.js for the setup-node action and updated package-lock.json file to v2.

Breaking Changes

With the update to Node 16 in actions/setup-node#414, all scripts will now be run with Node 16 rather than Node 12.

We removed deprecated version input (actions/setup-node#424). Please use node-version input instead.

Commits

9ced9a4 remove version input (#424)

3e90744 Update lockfileVersion (#422)

28df918 Update default runtime to node16 (#414)

f099707 fix tsc build error for @actions/http-client (#402)

f658dc5 ci: use NPM cache in check-dist (#393)

5e2e068 ci(workflow): add cache to workflows using actions/setup-node (#287)

7a0f7a9 Fix grammar in the README (#331)

7b55867 chore: Remove strategy for non-matrix builds (#186)

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

wontfix dependencies github_actions
opened by dependabot[bot] 3
Bump actions/cache from 3.0.5 to 3.2.1
Bumps actions/cache from 3.0.5 to 3.2.1.

Release notes

Sourced from actions/cache's releases.

v3.2.1

What's Changed

Release compression related changes for windows by @Phantsure in actions/cache#1039

Upgrade codeql to v2 by @Phantsure in actions/cache#1023

Full Changelog: https://github.com/actions/cache/compare/v3.2.0...v3.2.1

v3.2.0

What's Changed

fix wrong timeout env var key in README.md by @walterddr in actions/cache#959

Updated release doc with correct env variable by @kotewar in actions/cache#960

Create pull_request_template.md by @pdotl in actions/cache#963

Update README with clearer info about cache-hit and its value by @kotewar in actions/cache#961

Change datadog/squid to Ubuntu/squid in CI check by @bishal-pdMSFT in actions/cache#976

Add more details to version section in readme by @bishal-pdMSFT in actions/cache#971

Update hashFiles documentation reference by @asaf400 in actions/cache#979

Updated link for cache segment download info by @kotewar in actions/cache#986

Readme update for deleting caches by @t-dedah in actions/cache#981

Add oncall logic to assign issues and PRs by @vsvipul in actions/cache#997

Bump minimatch from 3.0.4 to 3.1.2 by @dependabot in actions/cache#998

Revert "Bump minimatch from 3.0.4 to 3.1.2" by @vsvipul in actions/cache#1005

Fix npm vulnerability by @Phantsure in actions/cache#1007

refactor: Use early return pattern to avoid nested conditions by @jongwooo in actions/cache#1013

Use cache in check-dist.yml by @jongwooo in actions/cache#1004

chore: Use built-in cache action to cache dependencies by @jongwooo in actions/cache#1014

Updated node example by @t-dedah in actions/cache#1008

Fix: Node npm doc example by @apascualm in actions/cache#1026

docs: fix an invalid link in workarounds.md by @teatimeguest in actions/cache#929

General Availability release for granular cache by @kotewar in actions/cache#1035 More details here on beta release.

New Contributors

@walterddr made their first contribution in actions/cache#959

@asaf400 made their first contribution in actions/cache#979

@jongwooo made their first contribution in actions/cache#1013

@apascualm made their first contribution in actions/cache#1026

@teatimeguest made their first contribution in actions/cache#929

Full Changelog: https://github.com/actions/cache/compare/v3...v3.2.0

v3.2.0-beta.1

What's Changed

Actions Cache Granular Control Implementation by @kotewar in actions/cache#1006

v3.1.0-beta.3

What's Changed

Bug fixes for bsdtar fallback, if gnutar not available, and gzip fallback, if cache saved using old cache action, on windows.

Full Changelog: https://github.com/actions/cache/compare/v3.1.0-beta.2...v3.1.0-beta.3

... (truncated)

Changelog

Sourced from actions/cache's changelog.

3.0.5

Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)

3.0.6

Fixed #809 - zstd -d: no such file or directory error

Fixed #833 - cache doesn't work with github workspace directory

3.0.7

Fixed #810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.

3.0.8

Fix zstd not working for windows on gnu tar in issues #888 and #891.

Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MINS. Default is 60 minutes.

3.0.9

Enhanced the warning message for cache unavailablity in case of GHES.

3.0.10

Fix a bug with sorting inputs.

Update definition for restore-keys in README.md

3.0.11

Update toolkit version to 3.0.5 to include @actions/core@^1.10.0

Update @actions/cache to use updated saveState and setOutput functions from @actions/core@^1.10.0

3.1.0-beta.1

Update @actions/cache on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. (issue)

3.1.0-beta.2

Added support for fallback to gzip to restore old caches on windows.

3.1.0-beta.3

Bug fixes for bsdtar fallback if gnutar not available and gzip fallback if cache saved using old cache action on windows.

3.2.0-beta.1

Added two new actions - restore and save for granular control on cache.

3.2.0

Released the two new actions - restore and save for granular control on cache

3.2.1

Update @actions/cache on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. (issue)

Added support for fallback to gzip to restore old caches on windows.

Added logs for cache version in case of a cache miss.

Commits

c1a5de8 Upgrade codeql to v2 (#1023)

9b0be58 Release compression related changes for windows (#1039)

c17f4bf GA for granular cache (#1035)

ac25611 docs: fix an invalid link in workarounds.md (#929)

dc097e3 Update examples.md (#1026)

fb86cbf Updated node example (#1008)

a57932f Merge pull request #1014 from jongwooo/chore/use-built-in-cache-action

04b13ca chore: Use built-in cache action to cache dependencies

941bc71 Merge pull request #1004 from jongwooo/chore/use-cache-in-check-dist

08d8639 Merge branch 'main' into chore/use-cache-in-check-dist

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependencies github_actions
opened by dependabot[bot] 0