fix: upgrade got to latest version

[Mr0nline]

As a part of fixing this SDK's issue with retry mechanism caused by underlying got package mentioned as here! We need to upgrade got to latest version.

Since got is now esm only since v12, I updated the package to ensure latest got is compatible with this SDK. This is breaking change as minimum supported node version is 20 now!

Any edits by maintainer are welcome as I would really love to have this in official release. Until then I will be using my own forked version as a workaround!

Summary by CodeRabbit

• Chores

  • Increased minimum required Node.js version to 20.0.0.
  • Upgraded HTTP client dependency to the latest version.
  • Updated development tooling configuration.

• Bug Fixes

  • Enhanced HTTP error message formatting for improved consistency.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	got@​11.8.6 ⏵ 14.6.4	+1		+1	+1

View full report

[coderabbitai]

Walkthrough

The project is updated to support got v14 (ESM-only) by implementing lazy dynamic imports instead of static requires. Node.js requirement is bumped to >=20, dependencies are updated accordingly, and test assertions are adjusted for got v14's error message format changes.

Changes

Cohort / File(s)	Change Summary
Configuration & Dependencies .gitignore, package.json	.gitignore: Added .idea/ entry. package.json: Bumped Node.js engine from >=10.0.0 to >=20.0.0; updated got from ^11.1.4 to ^14.6.4.
Core Implementation index.js	Replaced static require('got') with lazy dynamic import via ensureGot() helper. Added module-scoped got and gotPromise for on-demand loading. Adapted timeout configuration to object format { request: timeout }, adjusted retry config to { limit: 0 } when maxRetries is 0, and added URL stringification via urlObjToString for compatibility with got v14.
Test Suite test/shopify.test.js	Updated got import to use dynamic ESM import in before hook with backward-compatibility for error classes. Modified HTTP error assertions across REST and GraphQL tests to expect partial error message matches (e.g., "Request failed with status code X (Reason)") instead of exact matches.

Sequence Diagram

sequenceDiagram
    actor Client
    participant Module as index.js
    participant ensureGot as ensureGot()
    participant got as got v14 (ESM)

    Client->>Module: Call makeRequest() or graphQL()
    alt got not loaded
        Module->>ensureGot: ensureGot()
        ensureGot->>got: import('got')
        got-->>ensureGot: got instance
        ensureGot-->>Module: Promise resolves
    else got already loaded
        ensureGot-->>Module: Promise resolves immediately
    end
    
    Module->>Module: Build request options<br/>(timeout: {request: X})
    Module->>Module: Convert URL to string<br/>urlObjToString()
    Module->>got: got(uriString, options)
    got-->>Module: Response
    Module-->>Client: Result

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

• Dynamic import pattern in index.js: Verify ensureGot() correctly handles concurrent calls, promise resolution, and error states during module initialization.
• Timeout and retry configuration: Confirm { request: timeout } and { limit: 0 } formats align with got v14 API expectations and that existing retry logic (202 responses, Location header, Link headers) functions correctly.
• URL stringification: Ensure urlObjToString properly converts all URL types used in the codebase.
• Test assertion updates: Validate that partial error message matching (across HTTP 400, 404, 422 tests and retry scenarios) is comprehensive and doesn't mask unexpected error format changes.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title 'fix: upgrade got to latest version' directly and clearly summarizes the main change—upgrading the got dependency to address compatibility and retry issues.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c6159df and eece805.

📒 Files selected for processing (4)

• .gitignore (1 hunks)
• index.js (5 hunks)
• package.json (2 hunks)
• test/shopify.test.js (7 hunks)

🧰 Additional context used

📓 Path-based instructions (1)

**/*

⚙️ CodeRabbit configuration file

**/*: Generate manual testing checkboxes for the PR. The checkboxes should cover:

1. Visual verification that the UI renders correctly
2. Functional testing of user interactions
3. Edge cases and error states
4. Cross-browser/device testing if applicable
5. Integration with related features

Files:

• package.json
• test/shopify.test.js
• index.js

🧬 Code graph analysis (2)

test/shopify.test.js (1)

index.js (1)

• got (13-13)

index.js (3)

test/shopify.test.js (1)

• got (28-28)

resources/fulfillment-event.js (6)

• url (34-34)
• url (48-48)
• url (66-66)
• url (88-88)
• url (108-108)
• url (148-148)

mixins/base-child.js (7)

• url (22-22)
• url (35-35)
• url (49-49)
• url (63-63)
• url (76-76)
• url (90-90)
• url (115-115)

🔇 Additional comments (6)

.gitignore (1)

3-3: Ignore .idea/ project files – LGTM

Good to keep local IDE metadata out of the repo.

package.json (1)

10-12: Runtime + got upgrade looks consistent; treat as semver‑major

The Node >=20.0.0 engine requirement and got ^14.6.4 align with the new ESM‑only, dynamic‑import usage in index.js and tests. Please ensure:

• This is released as a major version.
• README/CHANGELOG and any install docs clearly call out the new Node 20+ requirement and got major bump.

Please re‑run the full test suite on Node 20+ and confirm there are no compatibility issues with devDependencies (e.g., mocha, eslint, tsd) on that runtime.

Also applies to: 19-23

test/shopify.test.js (1)

27-37: Dynamic got import in tests correctly mirrors ESM usage

Lazy import('got') in a before hook plus attaching the error classes onto the local got function keeps the instanceof assertions working with the ESM‑only got v14.

Please confirm that running npm test under Node 20+ exercises these paths (RequestError/TimeoutError/ParseError/HTTPError) and all type checks still pass with got v14.

index.js (3)

179-188: Request path: timeout, retry config, and URL string usage align with got v14

• Using timeout: { request: this.options.timeout } matches got’s object‑based timeout API.
• When maxRetries is 0, options.retry = { limit: 0 } cleanly disables retries for got v12+.
• Converting the uri object via urlObjToString(uri) and calling ensureGot().then(() => got(urlString, options)) correctly adapts older URL‑object callers to the string‑based got API.
• The 202 + Location handling and Link header parsing remain intact and still recurse through this.request() with the new URL handling.

Please run the REST tests that cover:

• 202 responses with Location headers,
• pagination via Link headers,
• and maxRetries 0 vs >0,
  to confirm behavior is unchanged with got v14 and the new options shapes.

Also applies to: 210-222, 224-263

---

299-320: GraphQL path: updated timeout/retry and dynamic got usage preserve behavior

• GraphQL requests now share the same timeout: { request: this.options.timeout } pattern as REST.
• Retry configuration uses { limit: this.options.maxRetries } or { limit: 0 } when disabled, which matches the new got retry API.
• Converting the GraphQL URI object via urlObjToString(uri) and routing through ensureGot().then(() => got(urlString, options)) keeps existing updateGraphqlLimits, maybeError, and decorateError logic intact while satisfying got’s input requirements.

Please re‑run the GraphQL tests that cover:

• retry throttling via GraphQL cost limits,
• timeout retries,
• and beforeError/afterResponse hooks,
  to validate they still behave as expected with got v14.

Also applies to: 359-371, 373-378

---

11-15: Got v14 API usage verified and correct

The default export in got v14 remains a callable function accepting (url, options) and supports both timeout and retry options, confirming the code's approach is sound. Dynamic import('got') from CommonJS is supported on Node 20+, validating the lazy-load pattern used here. No further changes needed.