Bump got from 14.6.6 to 15.0.0

[dependabot]

Bumps got from 14.6.6 to 15.0.0.

Release notes

Sourced from got's releases.

v15.0.0

Breaking changes

• Require Node.js 22 b933476
• Remove promise cancel API a06ac6c
  • promise.cancel() is gone. Use the signal option with AbortController instead.
• Remove isStream option c241c6c
  • Use got.stream() directly.
• Use native FormData global 670b228
  • Use the Web API FormData global directly (available in Node.js 18+).
• responseType: 'buffer' returns Uint8Array instead of Buffer 309e36d
  • response.rawBody and promise.buffer() now return a Uint8Array. Buffer is a subclass of Uint8Array, so most code will continue to work, but strict type checks will need updating.
• strictContentLength defaults to true 08e9dff
  • Got now throws a ContentLengthMismatchError by default if Content-Length doesn't match the actual body size. Set {strictContentLength: false} to restore the old behavior.
• retry.enforceRetryRules defaults to true 9bc8dfb
  • Custom calculateDelay functions are now only called when a retry is actually allowed by limit, methods, statusCodes, and errorCodes. If your calculateDelay was previously used to override retry eligibility unconditionally, set {retry: {enforceRetryRules: false}}.
• Piped header copying is now opt-in 8e392f3
  • Got no longer automatically copies headers from a piped stream. Set {copyPipedHeaders: true} to re-enable. Hop-by-hop headers are never copied even when enabled (RFC 9110 §7.6.1).
• url removed from public options objects 87de8d6
  • The url property is no longer present on the options object passed to hooks. Use response.url or request.requestUrl instead.
• 300 and 304 responses are no longer auto-followed 5fccaab
  • Per RFC 9110, 304 is a conditional-GET hint, not a redirect, and 300 is only a SHOULD for user agents. Got now returns these responses as-is. Handle them manually if needed.

Improvements

• Stream decode large text/json bodies incrementally for lower peak memory usage c9a95b1
• uploadProgress now emits granular per-chunk events for json and form request bodies 13c889d

---

Migration guide

Replace promise.cancel() with AbortController

Before:

const promise = got(url);
promise.cancel();

After:

const controller = new AbortController();
const promise = got(url, {signal: controller.signal});
controller.abort();

Replace isStream: true with got.stream()

... (truncated)

Commits

• a268250 15.0.0
• e5e645a Various improvements
• dc2656b Do not forward hop-by-hop piped headers
• 5fccaab Do not auto-follow 300 and 304 responses
• d158f28 Various improvements
• fb909e9 Tweaks
• 6be69a5 Fix CI
• 309e36d Use Uint8Array for user-facing binary responses
• 8e392f3 Make piped header copying opt-in and preserve explicit headers
• 9bc8dfb Change retry.enforceRetryRules default to true
• Additional commits viewable in compare view

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	got@​14.6.6 ⏵ 15.0.0	+1		+1

View full report

[codacy-production]

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric	Results
Complexity	0
Duplication	0

View in Codacy

_{TIP This summary will be updated as you push new changes. Give us feedback}