-
-
Notifications
You must be signed in to change notification settings - Fork 337
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[scope] npm install deprecated and security warnings #3008
Comments
These are (sub-)dependencies of gulp which is ignored by the gulp developers as they declare this as a false positive explained via So as long as nobody fixes the original libs or forks them and/or fixes gulp or rewrites the whole build system this won't get fixed. But infact those affect the local instance only as described in the external link above. I, however, was already trying to fork and fix all affected external and abandoned dependencies, some time ago, but this ain't an easy/motivating task and isnt finished. If interested those packages are here https://www.npmjs.com/search?q=%40fomantic Duplicate of #2936 (comment) |
Thank you for your tireless work and quick response @lubber-de I was focussing more on the deprecated dependencies that already have upgrades. I realize gulp is a tough cookie to swallow! Thanks for the feedback. |
Gulp 5 will solve all that, they say |
Wow uhhh the gulp devs are unpleasant. I think I'll look into trying to build fomantic with vite if I have the time. Maybe release a PR. Edit: Gulp 5 is also out |
Bug Report
I just wanted a clean install of fomantic-ui
and it has many dependencies that are deprecated and in need of repair/replacement:
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated [email protected]: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
Steps to reproduce
Expected result
Clean install with no deprecation errors or security vulnerabilities
Actual result
npm warnings
Screenshot (if possible)
2.9
The text was updated successfully, but these errors were encountered: