v1.5.4

This release overwrites some of got-scraping's bad defaults, such as allowing insecure HTTP parser (which could lead to HTTP request smuggling) or ignoring invalid certificates (whereas someone visiting it with a browser will NOT be allowed to proceed, for good reasons).

Plus, it adds request headers to try to better emulate an actual user.

• overwrite invalid TLS certificates 022ba15
• add got-scraping options 539363e
• update deps ce0d6d9

v1.5.3...v1.5.4

v1.5.3

The only commit that matters is the first one (79b42b0) - I've bumped up the vulnerable versions of sub-packages to address an issue with css-select that might be vulnerable.

• audit fix 79b42b0
• Merge pull request #40 from JaneJeon/dependabot/npm_and_yarn/jest-27.4.5 719a946
• Merge pull request #41 from JaneJeon/dependabot/npm_and_yarn/got-12.0.0 bdeca84
• Bump got from 12.0.0-beta.4 to 12.0.0 4065b7a
• Bump jest from 27.4.3 to 27.4.5 2f759e6
• Merge pull request #39 from JaneJeon/dependabot/npm_and_yarn/jest-27.4.3 0e58224
• Merge pull request #38 from JaneJeon/dependabot/npm_and_yarn/re2-1.17.1 e9458a0
• Bump jest from 27.3.1 to 27.4.3 f1de302
• Bump re2 from 1.16.0 to 1.17.1 1f9d056
• Merge pull request #35 from JaneJeon/dependabot/npm_and_yarn/lint-staged-12.1.2 90f9583
• Merge pull request #34 from JaneJeon/dependabot/npm_and_yarn/quick-lru-6.0.2 604f64f
• Bump lint-staged from 12.0.2 to 12.1.2 2bd73d8
• Bump quick-lru from 6.0.1 to 6.0.2 9fdf775
• Merge pull request #32 from JaneJeon/dependabot/npm_and_yarn/lint-staged-12.0.2 e1a96a4
• Merge pull request #33 from JaneJeon/dependabot/npm_and_yarn/nock-13.2.1 fc1297e
• Bump nock from 13.2.0 to 13.2.1 521a5fa
• Bump lint-staged from 11.2.6 to 12.0.2 3c7f648
• Merge pull request #31 from JaneJeon/dependabot/npm_and_yarn/nock-13.2.0 20f1542
• Bump nock from 13.1.4 to 13.2.0 fb3e38e
• Merge pull request #30 from JaneJeon/dependabot/npm_and_yarn/lint-staged-11.2.6 bcd8709
• Bump lint-staged from 11.1.2 to 11.2.6 b788a21
• fuck 1678ad2
• begone, evil circle d237033
• fix deps d635cb9
• Merge pull request #23 from JaneJeon/dependabot/npm_and_yarn/eslint-plugin-promise-5.1.1 d1e500f
• Merge pull request #25 from JaneJeon/dependabot/npm_and_yarn/nock-13.1.4 81b0130
• Merge pull request #26 from JaneJeon/dependabot/npm_and_yarn/jest-27.3.1 3e838d8
• Merge pull request #27 from JaneJeon/dependabot/npm_and_yarn/lint-staged-11.2.4 f2a8bd7
• Merge pull request #24 from JaneJeon/dependabot/npm_and_yarn/p-timeout-5.0.2 c6720ea
• Bump lint-staged from 11.2.3 to 11.2.4 177294d
• Bump jest from 27.3.0 to 27.3.1 8992224
• Bump nock from 13.1.3 to 13.1.4 7bfd35f
• Bump p-timeout from 5.0.1 to 5.0.2 fbd2fa2
• Bump eslint-plugin-promise from 5.1.0 to 5.1.1 4033b0d
• Merge pull request #19 from JaneJeon/dependabot/npm_and_yarn/eslint-plugin-import-2.25.2 8abae0f
• Merge pull request #20 from JaneJeon/dependabot/npm_and_yarn/cacheable-lookup-6.0.4 28c596b
• Merge pull request #21 from JaneJeon/dependabot/npm_and_yarn/jest-27.3.0 6979e45
• Merge pull request #22 from JaneJeon/dependabot/npm_and_yarn/got-scraping-3.2.6 0eccf90
• Bump got-scraping from 3.2.4 to 3.2.6 8cf081f
• Bump jest from 27.2.5 to 27.3.0 2547c96
• Bump cacheable-lookup from 6.0.2 to 6.0.4 b6724fe
• Bump eslint-plugin-import from 2.24.2 to 2.25.2 ba1cda1

v1.5.2...v1.5.3

v1.5.2

Due to sindresorhus/p-memoize#31, it seems to me that p-memoize v6 and onwards will have a very shaky foundation that will likely take a long time to fix (if it ever gets fixed in the first place). So, I'm switching caching of canonicization to regular mem instead.

• switch to mem; p-memoize seems to be a dumpster fire f9c420f

v1.5.1...v1.5.2

v1.5.1

• stick w/ p-memoize v5 because v6 broke shit cfeae82

v1.5.0...v1.5.1

v1.4.2

This release updates got-ssrf, an underlying library, to fix hanover-computing/got-ssrf#2

• bump got-ssrf version for better protection 003757b

v1.4.1...v1.4.2

v1.4.1

This release updates the version of got-scraping in order to fix internal got errors when scraping some links.

• update deps to fix some links being broken 6dcadb0

v1.4.0...v1.4.1

v1.4.0

As usual, I am fucking terrified of accidentally blocking the event loop with this library and causing memory leaks... regex has the potential to hit both very hard, so I'm continually trying to make the workload as light as possible by caching RegExp constructor calls.

• cache regex instantiations d5455eb

v1.3.0...v1.4.0

v1.3.0

This release adds two things:

1. It utilizes dnsLookup passed through options, and got-ssrf now utilizes cached DNS lookups if provided.
2. It adds memoization to hopefully help speed up the (potentially) computationally expensive operations, such as canonicization (which involves parsing whole ass HTML document) and tracker stripping (which involves matching tons of regex)

• fix bugs f34cc42
• add memoization to tracker stripping and canonicization e862d4b
• utilize dnsLookup 7e7606f
• add default dns cache 094cb75

v1.2.0...v1.3.0

v1.2.0

Add global timeout

• add global timeout 4a46586
• whoops 2 c1377a9
• whoops 6c1afcd

v1.1.1...v1.2.0

v1.1.1

This release fixes the command line not being exported properly

• whoops 13934d9

v1.1.0...v1.1.1