-
-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🚀 Feature: Update glob from 8.1.0 which is no longer supported #5148
Comments
Agreed, this would be great. There's no reason to keep #5114 tracks allowing I suspect (but am not wholly convinced) for major version bumps we'll want to play it safe and wait until the next major version of Mocha. cc @mochajs/maintenance-crew: we'd previously talked about how we wanted to get to a new major version, but are also hesitant to make new majors given how entrenched the current v10 major version of Mocha is? For reference, we took that strategy in typescript-eslint recently: typescript-eslint@v7's breaking changes were around major versions, while typescript-eslint@v8's breaking changes are more substantial. Marking as |
We talked internally and will treat this as |
Oh. This is unfortunate:
...so this would be |
Apparently 14.18 because of 14.17 was set here: isaacs/node-glob@03b9bca Not sure why |
Worth noting here (since I just ran into it in an old package I was updating): glob requires Node.js >=18 as of v10.4.3 (yes, updated engine requirements in a patch release). This also happened in v10.3.1 of lru-cache, which is a transitive dependency of glob (by the same author). In my case, I was able to handle it by adding a depending on I am also a little concerned there may be some mislabeling and these version requirements are not actually compatible, but my tests all pass, at least. Also, glob’s author does not seem to think this is a problem, which tells me I should be a little more careful depending on his packages in the future. |
Not sure if this is helpful, but |
I tried putting together a change that would work here, but:
Another popular alternative is |
@jakebailey Thank you for the update. |
@einsteinsfool We will bump to >=18 real soon as we prepare for a new major release, to avoid issues like these, so no worries on using a dependency that requires node >=18 in a PR (reference this comment if you do) |
PR about the bump of engine in Mocha 11: #5216 |
Bumping mocha's major to get an engine bump is definitely a way to solve the problem, though TS unfortunately still supports Node 14 so I'll just have to stare at the deprecation warning until TS can affort an engines bump for a while if so :\ |
@jakebailey Can you elaborate? If it's a problem that we drop Node 14 and 16, then we might have to reconsider #5216 |
TS uses mocha for its testing, TS currently supports Node 14.17+; if you bump the minimum version, we'd just have to stay on v10 (just like we're stuck on chai v4). I'm certainly not going to try and stop you from bumping to 18+; loads of projects are doing that. The only gotcha is just that while a dep like ESLint can go to v18 no problem (just don't lint on an old version of Node), test deps are less fun to deal with because a test framework dropping a version of Node means being unable to test on that version of Node at all. But again, it's absolutely reasonable to bump your minimum node version in v11. My main interest in this issue is just to make (It's just that bumping major to fix this particular issue means not actually fixing it for those on v10, but, that's just the reality of fixes with a project moving forward. I don't want to stop you from making progress!) |
@jakebailey I asked about TypeScript's plan for Node.js EOL version support in https://discord.com/channels/508357248330760243/640177505915109377/1293239882323591200 & noted it in https://github.com/mochajs/mocha/pull/5216/files#r1792135513. |
Feature Request Checklist
faq
label, but none matched my issue.Overview
mocha uses [email protected] which is not supported and also depends on inflight which is also not supported (any version).
I do realise it's been reported in #4988 but I'm not reporting it as security vulnerability but feature request.
It would be nice not to have these warnings. Especially that a lot of packages depend on mocha (like appium from which I came).
Suggested Solution
Updating glob dependency to v9.0.0 or maybe even v10.4.1.
Alternatives
Leave glob v8.1.0 which is no longer supported and ignore warnings.
Additional Info
https://www.npmjs.com/package/inflight
https://www.npmjs.com/package/glob/v/8.1.0
The text was updated successfully, but these errors were encountered: