Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update deprecated NPM dependency versions #4647

Closed
offtherailz opened this issue Dec 11, 2019 · 2 comments · Fixed by #10268
Closed

Update deprecated NPM dependency versions #4647

offtherailz opened this issue Dec 11, 2019 · 2 comments · Fixed by #10268
Assignees
@MV88 @fkellner @ElenaGallo
Labels
Accepted investigation Task
Milestone
2025.01.00

Comments

@offtherailz
Copy link
Member

offtherailz commented Dec 11, 2019
edited
Loading

Update deprecated dependencies (continue from #3901).

Here a list of most recent deprecated warning at the moment of writing this issue. They shuld be updated to latest versions :

npm WARN @geosolutions/[email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN @geosolutions/[email protected] requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of history@^4.7.2 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-router@^4.3.1 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.4.2 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.7 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.5.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^15.5.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.9 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] - 15 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || 0.14.x || 15.x.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.0.0 || ^0.14.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.7 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.5 but none is installed. You must install peer dependencies yourself.
npm WARN @terrestris/[email protected] requires a peer of ol@~5.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of draft-js@^0.10.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of [email protected] || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of ajv@^6.9.1 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of webpack@1 || 2 || ^2.1.0-beta || ^2.2.0-rc but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-redux@^4.0.0 || ^5.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of react-dom@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/karma/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 1588 packages from 1950 contributors, removed 616 packages, updated 206 packages, moved 66 packages and audited 20298 packages in 106.962s
found 51 vulnerabilities (6 low, 21 moderate, 24 high)
  run `npm audit fix` to fix them, or `npm audit` for details
@tdipisa tdipisa modified the milestones: 2019.03.01, 2020.01.01, 2020.01.00 Dec 12, 2019
@tdipisa tdipisa modified the milestones: 2020.02.00, 2020.02.01 May 13, 2020
@tdipisa tdipisa modified the milestones: 2020.02.01, 2020.02.02 Jul 8, 2020
@tdipisa tdipisa modified the milestones: 2020.02.02, 2021.01.00 Sep 25, 2020
@tdipisa tdipisa assigned tdipisa and MV88 and unassigned tdipisa Mar 22, 2021
@tdipisa tdipisa added the QF Quality Friday label Jun 11, 2021
@tdipisa tdipisa removed this from the 2021.02.00 milestone Jul 8, 2021
@offtherailz offtherailz mentioned this issue Sep 24, 2021
Closed
1 task
@fkellner
Copy link
Contributor

The list has become longer:

npm WARN deprecated [email protected]: This module relies on Node.js's internals and will break at some point. Do not use it, and update to [email protected].
npm WARN deprecated [email protected]: Use whatwg-mimetype instead
npm WARN deprecated @carnesen/[email protected]: This project has been abandoned
npm WARN deprecated @carnesen/[email protected]: Obsoleted by TypeScript
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-unicode-property-regex instead.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-json-strings instead.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-catch-binding instead.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-dynamic-import instead.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/union instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/invariant instead
npm WARN deprecated [email protected]: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated @turf/[email protected]: Module has been renamed to @turf/point-on-feature
npm WARN deprecated @turf/[email protected]: Module has been renamed to @turf/polygon-to-line
npm WARN deprecated @turf/[email protected]: Module has been renamed to @turf/boolean-point-in-polygon
npm WARN deprecated [email protected]: This module is no longer supported.
npm WARN deprecated [email protected]: critical issue fixed in 2.3.0
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/meta instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/bbox instead
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/inside instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/explode instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/center instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/distance instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/bbox instead
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/point-on-surface instead
npm WARN deprecated @babel/[email protected]: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
npm WARN deprecated [email protected]: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated [email protected]: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated [email protected]: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated [email protected]: Turf packages are now namespaced: please use @turf/helpers instead
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: Package moved to @redux-devtools/instrument.
npm WARN deprecated [email protected]: Package moved to @redux-devtools/core.
npm WARN deprecated [email protected]: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated [email protected]: Deprecated due to CVE-2021-21366 resolved in 0.5.0
npm WARN deprecated [email protected]: Deprecated due to CVE-2021-21366 resolved in 0.5.0
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated [email protected]: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated [email protected]: This module moved to @hapi/sntp. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated [email protected]: use @draft-js-plugins/inline-toolbar >=v4 instead
npm WARN deprecated [email protected]: use @draft-js-plugins/side-toolbar >=v4 instead
npm WARN deprecated [email protected]: Package moved to @redux-devtools/dock-monitor.
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated [email protected]: Package no longer supported. Contact [email protected] for more info.
npm WARN deprecated [email protected]: We've written a new parser that's 6x faster and is backwards compatible. Please use @formatjs/icu-messageformat-parser
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: Please switch to canvg. It is actively maintained nowadays.
npm WARN deprecated [email protected]: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please upgrade to the latest version 3.x.x module for improved functionality.
npm WARN deprecated [email protected]: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated [email protected]: Package moved to @redux-devtools/log-monitor.
npm WARN deprecated [email protected]: This module moved to @hapi/hawk. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated [email protected]: use @draft-js-plugins/editor >=v4 instead
npm WARN deprecated [email protected]: use @draft-js-plugins/buttons >=v4 instead
npm WARN deprecated [email protected]: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated [email protected]: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN deprecated [email protected]: This package has been deprecated, please see migration guide at 'https://github.com/formatjs/formatjs/tree/master/packages/intl-relativeformat#migration-guide'
npm WARN deprecated [email protected]: Please consider using https://github.com/visjs
npm WARN deprecated [email protected]: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
npm WARN deprecated [email protected]: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
npm WARN deprecated [email protected]: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

Which may result in security problems (even if without dev-dependencies, it's only 17 critical vulnerabilities):
image

I will try to take care of some low-hanging fruits in the next few days and report on big issues that require your attention.

@fkellner
Copy link
Contributor

See also transitive dependencies:

fkellner pushed a commit to fkellner/MapStore2 that referenced this issue Apr 30, 2024
geosolutions-it#4647: minor dep upgrades/cleanup
eeded8c 
A few packages had new minor versions or were unused.

On Behalf of DB Systel
fkellner pushed a commit to fkellner/MapStore2 that referenced this issue Apr 30, 2024
geosolutions-it#4647: upgrade json2csv to remove 1 critical vulnerabi…
e55b1d1 
…lity

On Behalf of DB Systel
fkellner pushed a commit to fkellner/MapStore2 that referenced this issue Apr 30, 2024
geosolutions-it#4647: remove some deprecation warnings
483ffcd 
On Behalf of DB Systel
@fkellner fkellner mentioned this issue Apr 30, 2024
Merged
2 tasks
@tdipisa tdipisa linked a pull request Aug 30, 2024 that will close this issue
#4647 small dependency updates #10268
Merged
2 tasks
@tdipisa tdipisa added this to the 2024.02.00 milestone Aug 30, 2024
@tdipisa tdipisa removed estimate needed QF Quality Friday labels Aug 30, 2024
allyoucanmap pushed a commit that referenced this issue Sep 13, 2024
@fkellner
#4647 small dependency updates (#10268)
94aa5d2 
* #4647: minor dep upgrades/cleanup

A few packages had new minor versions or were unused.

On Behalf of DB Systel

* #4647: upgrade json2csv to remove 1 critical vulnerability

On Behalf of DB Systel

* #4647: remove some deprecation warnings

On Behalf of DB Systel

---------

Co-authored-by: Florian Kellner <[email protected]>
@tdipisa tdipisa modified the milestones: 2024.02.00, 2025.01.00 Sep 13, 2024
@ElenaGallo ElenaGallo self-assigned this Sep 18, 2024
offtherailz pushed a commit that referenced this issue Oct 18, 2024
@fkellner @offtherailz
#4647 small dependency updates (#10268)
448ed11 
* #4647: minor dep upgrades/cleanup

A few packages had new minor versions or were unused.

On Behalf of DB Systel

* #4647: upgrade json2csv to remove 1 critical vulnerability

On Behalf of DB Systel

* #4647: remove some deprecation warnings

On Behalf of DB Systel

---------

Co-authored-by: Florian Kellner <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MV88 MV88

@fkellner fkellner

@ElenaGallo ElenaGallo

Labels
Accepted investigation Task
Projects
None yet
Milestone
2025.01.00
Development

Successfully merging a pull request may close this issue.

#4647 small dependency updates fkellner/MapStore2
5 participants
@offtherailz @tdipisa @MV88 @fkellner @ElenaGallo