Skip to content

Bump checkout-sdk-node from 2.8.1 to 3.3.0 in /node#51

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/node/checkout-sdk-node-3.3.0
Open

Bump checkout-sdk-node from 2.8.1 to 3.3.0 in /node#51
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/node/checkout-sdk-node-3.3.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 12, 2026

Copy link
Copy Markdown
Contributor

Bumps checkout-sdk-node from 2.8.1 to 3.3.0.

Release notes

Sourced from checkout-sdk-node's releases.

3.3.0

Release 3.3.0 (#430)

This release improves multipart form-data handling in HTTP requests, specifically ensuring that FormData is properly serialized and sent in API calls. The changes fix a bug where the form-data instance was previously string-coerced (resulting in an invalid request body), and add comprehensive regression tests to prevent this issue from recurring.

HTTP request handling improvements:

  • Added a formDataToBuffer utility to serialize FormData streams into a buffer, ensuring multipart bodies are transmitted correctly in HTTP requests.
  • Updated the HTTP request logic to use the new buffer serialization for FormData, preventing accidental string coercion and ensuring the correct Content-Type and body format.
  • Enhanced header generation to merge headers from FormData instances when present, ensuring the multipart boundary is set correctly.
  • Imported Node's Writable stream to support the new buffer serialization logic.

Testing and regression coverage:

  • Improved and expanded tests in test/files/files.js to verify that multipart requests include the correct fields and headers, and added a regression test for issue #418 to ensure the bug does not reoccur. [1] [2]

3.2.1

Release 3.2.1 (#428)

  • fix(build): restore ESM output broken since v3.1.0 (#427)

3.2.0

Release 3.2.0 (#426)

New Features

  • Account Updater API: New client for managing card account updates
  • Identities API: Complete client with 6 submodules (AML screenings, applicants, face authentications, ID document verifications, identity verifications, delegation)
  • Issuing API: Expanded with 10 new submodules (access, cardholders, cards, control groups, control profiles, controls, digital cards, disputes, simulate, transactions)
  • Network Tokens API: New client for network token management
  • Payment Methods API: New client for payment method operations

Improvements

  • Error Handling: Enhanced error propagation for 401/403/404 responses with detailed error.body
  • Code Organization: Refactored core modules (Checkout.js, Platforms, HTTP service) for better maintainability
  • Test Suite: Reorganized 51+ test files with better separation between unit and integration tests
  • Documentation: Improved JSDoc annotations with @​memberof tags, updated README with new architecture examples

Technical Details

  • Reduced Checkout.js from ~200 lines to ~46 lines through modularization
  • Split Platforms API into focused submodules (subentity, files, payment-instruments, payout-schedules, reserve-rules)
  • Enhanced HTTP client with better response processing and error context
  • Added TypeScript definitions for all new API clients
  • Test coverage: 97.89% (818 tests passing)

All changes maintain backward compatibility.

3.1.0

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [checkout-sdk-node](https://github.com/checkout/checkout-sdk-node) from 2.8.1 to 3.3.0.
- [Release notes](https://github.com/checkout/checkout-sdk-node/releases)
- [Commits](checkout/checkout-sdk-node@2.8.1...3.3.0)

---
updated-dependencies:
- dependency-name: checkout-sdk-node
  dependency-version: 3.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Development

Successfully merging this pull request may close these issues.

0 participants