Skip to content

fix: add node version requirement #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
adollar28cents wants to merge 3 commits into from
+6 −2
Closed

fix: add node version requirement #6

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2149394
fix: add node version requirement to package.json
adollar28cents Mar 25, 2026
14eb270
fix: enable strict engine check
adollar28cents Mar 25, 2026
7785400
docs: list node version support
adollar28cents Mar 25, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .npmrc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
engine-strict=true
4 changes: 2 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

[![npm version](https://img.shields.io/npm/v/htaccess-punk.svg)](https://www.npmjs.com/package/htaccess-punk) [![Build status](https://github.com/j9t/htaccess-punk/workflows/Tests/badge.svg)](https://github.com/j9t/htaccess-punk/actions) [![Socket](https://badge.socket.dev/npm/package/htaccess-punk)](https://socket.dev/npm/package/htaccess-punk)

.htaccess Punk checks the redirect targets defined in `.htaccess` files. It follows redirect chains to verify where they ultimately resolve and what HTTP status they return, thus helping to fight redirect rot.
.htaccess Punk checks the redirect targets defined in `.htaccess` files. It follows redirect chains to verify where they ultimately resolve and what HTTP status they return, thus helping to fight redirect rot. It requires Node v14+.
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

cat README.md | head -20

Repository: j9t/htaccess-punk

Length of output: 1050

🏁 Script executed:

cat package.json | head -50

Repository: j9t/htaccess-punk

Length of output: 1028

🏁 Script executed:

cat bin/htaccess-punk.js

Repository: j9t/htaccess-punk

Length of output: 3793

🏁 Script executed:

cat src/index.js

Repository: j9t/htaccess-punk

Length of output: 4308

🌐 Web query:

Node.js parseArgs util minimum version requirement

💡 Result:

The minimum Node.js version required to use the util.parseArgs function is v16.17.0 or v18.3.0. It was added as an experimental feature in these versions via PR #42675 (merged May 2022) and later stabilized.

Citations:

🌐 Web query:

Node.js fetch native API minimum version requirement

💡 Result:

The native Fetch API in Node.js is available starting from version 18.0.0, where it was introduced as an experimental feature enabled by default (disable with --no-experimental-fetch). It remained experimental through versions 18-20. In Node.js 21.0.0, Fetch was promoted to stable. As of 2026, all current LTS versions (20, 22, 24) and later include stable native Fetch with no flags required. For production use without experimental warnings or instability, the minimum recommended version is Node.js 21.

Citations:

🌐 Web query:

Node.js AbortSignal.timeout minimum version requirement

💡 Result:

Node.js AbortSignal.timeout requires Node.js version 16.14.0 or 17.3.0 minimum.

Citations:

🌐 Web query:

Node.js util.styleText minimum version requirement

💡 Result:

The minimum Node.js version required to use util.styleText is v20.12.0 or v21.7.0. It was added as a semver-minor feature in these releases via PR #51850, which merged on 2024-02-26. It is available (but experimental/unstable) in Node.js 20.12+ and 21.7+, became stable in v22.13.0 and v23.5.0. Prior versions like v18 and v21.0.0 do not have it. As of 2026-03-25, all maintained LTS versions (20, 22, 24) support it since v20.12.0.

Citations:

Documented and configured Node version is inaccurate.

Line 5 states Node v14+ and package.json specifies >=14.0.0, but the code uses styleText from node:util (imported in bin/htaccess-punk.js), which requires Node 20.12.0 or later. Update both the README and package.json engines field to reflect the actual minimum supported version: Node 20.12.0 (or 21.7.0+ if preferring a stable release without experimental warnings).

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@README.md` at line 5, Update the documented Node version and the package.json
engines to reflect the actual minimum required Node runtime: change the README
text "Node v14+" to "Node 20.12.0+ (or 21.7.0+ if you prefer a stable release
without experimental warnings)" and update the "engines" field in package.json
from ">=14.0.0" to the chosen minimum (e.g., ">=20.12.0" or ">=21.7.0"); verify
this aligns with the import usage of styleText from node:util in
bin/htaccess-punk.js so the declared engine matches the runtime API used.


## Usage

Expand Down Expand Up @@ -59,4 +59,4 @@ await check(dir, {
4. **deduplicates** targets across all files
5. **checks** each unique URL with a HEAD request (falling back to GET if the server returns 403 or 405), following redirect chains up to 10 hops, and reports the final HTTP status

The `check()` function returns raw result data. The CLI (`bin/htaccess-punk.js`) collects those results and prints them grouped by `.htaccess` file, with the final status color-coded: green for 2xx, yellow for 3xx (further redirect from the final hop, e.g. a loop or exceeded redirect limit), red for 4xx/5xx. When a target redirected before settling, the final URL is shown below it.
The `check()` function returns raw result data. The CLI (`bin/htaccess-punk.js`) collects those results and prints them grouped by `.htaccess` file, with the final status color-coded: green for 2xx, yellow for 3xx (further redirect from the final hop, e.g. a loop or exceeded redirect limit), red for 4xx/5xx. When a target redirected before settling, the final URL is shown below it.
3 changes: 3 additions & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@
"htaccess-punk": "bin/htaccess-punk.js"
},
"description": "Redirect checker for .htaccess files",
"engines" : {
"node" : ">=14.0.0"
},
Comment on lines +7 to +9
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify runtime APIs used vs declared engine floor.
set -euo pipefail

echo "Declared engines:"
rg -n '"engines"|"node"' package.json -n -A2 -B1

echo
echo "AbortSignal.timeout usage:"
rg -nP '\bAbortSignal\.timeout\s*\(' -g '!**/node_modules/**'

echo
echo "parseArgs/styleText usage:"
rg -nP 'from\s+[\"\x27]node:util[\"\x27]|\\bparseArgs\\s*\\(|\\bstyleText\\s*\\(' -g '!**/node_modules/**'

echo
echo "CI node versions under test:"
rg -n 'node-version|matrix:|node:' .github/workflows -g '*.yml' -g '*.yaml'

Repository: j9t/htaccess-punk

Length of output: 485

🏁 Script executed:

# Check for parseArgs import and usage
echo "=== Checking for parseArgs import ==="
cat -n bin/htaccess-punk.js | head -20

echo -e "\n=== Checking for any 'node:util' imports ==="
rg "node:util|parseArgs|styleText" -n

echo -e "\n=== CI workflows node versions ==="
find .github/workflows -name "*.yml" -o -name "*.yaml" | head -5
cat .github/workflows/*.yml .github/workflows/*.yaml 2>/dev/null | grep -i "node" | head -20

Repository: j9t/htaccess-punk

Length of output: 2709

engines.node minimum is too low for APIs already used.

Line 8 declares >=14.0.0, but the codebase uses APIs that require significantly newer versions: AbortSignal.timeout() (Node 17.3+), parseArgs (Node 18.3+), and styleText (Node 18.17+). The lowest common floor is >=18.17.0. Raise the minimum to prevent runtime crashes on unsupported versions.

Suggested patch 
-  "engines" : { 
-    "node" : ">=14.0.0"
+  "engines": {
+    "node": ">=18.17.0"
   },
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
"engines" : {
"node" : ">=14.0.0"
},
"engines": {
"node": ">=18.17.0"
},
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@package.json` around lines 7 - 9, Update the package.json engines.node
minimum to match the Node APIs used: change the "engines.node" value from
">=14.0.0" to ">=18.17.0" so runtime environments support AbortSignal.timeout(),
parseArgs, and styleText; locate the engines.node entry in package.json and
replace the version string accordingly and run a quick install/test to verify
compatibility.

"exports": {
".": "./src/index.js"
},
Expand Down