Bump Chai-Http version to get package updates

[jakebrown58]

SuperAgent was updated in this PR: #281
But the version of chai-http was not modified along with it.

The result is that the npm registries still are using the old version of the package.json:

"chai-http": { "version": "4.3.0", "resolved": "https://registry.npmjs.org/chai-http/-/chai-http-4.3.0.tgz", "integrity": "sha512-zFTxlN7HLMv+7+SPXZdkd5wUlK+KxH6Q7bIEMiEx0FK3zuuMqL7cwICAQ0V1+yYRozBburYuxN1qZstgHpFZQg==", "dev": true, "requires": { "@types/chai": "4", "@types/superagent": "^3.8.3", "cookiejar": "^2.1.1", "is-ip": "^2.0.0", "methods": "^1.1.2", "qs": "^6.5.1", "superagent": "^3.7.0" } },

Any chance you can bump chai-http to 4.3.1?

[kinder-lab]

I need this as well. We run some security analysis tools on the code, and it's showing that superagent has a vulnerability.

[austince]

Hi all – we're currently having issues with our release process (see https://github.com/chaijs/chai-http/runs/1995002882?check_suite_focus=true). I don't have the proper credentials to debug this locally and haven't had the time to set up my own npm package to debug there. I may in the next couple weeks, but it's tight. Is anyone able to do the same?

In summary, something is going wrong with the semantic-release npm plugin and our automation tokens. We've tried to fix this a few times (#287, #289, etc.) without success. I've also pinged the semantic-release team (semantic-release/npm#277 (comment)) but without a good response (admittedly a weak ping on my part).

[ostankin]

Is the release process still broken? There haven't been any releases since 4 years ago.

[austince]

Yes, the process is still broken. I don't have the access needed to properly debug/maintain this. @keithamus is the only one I know of with those credentials, but it may be worth just formally marking this repo as unmaintained.

[keithamus]

@chaijs/token-bearers is the team which has all credentials for the chai accounts.

Looks like those old log links are 404ing, so I can't see what the failures are. Happy to try to cut a release today but I'd prefer to see if we can get semantic release working so it doesn't require me or another token-bearer to cut a release.

[Trickfilm400]

Any news on this one?

Besides that, for example superagent is again deprecated with version 6.x - Should I provide a PR with the updated dependency version?

[keithamus]

Please do so. I’ll take a look tomorrow

[GustavoOS]

Superagent is again recommending update to version 9. Any chance for an upgrade?

[Trickfilm400]

Its already commited, but only released as an pre-release 5.0.0-alpha2

[43081j]

if you can try out 5.0.0-alpha2 so im aware it all works well for you, ill publish 5.0.0 this weekend