Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deprecated packages #3777

Closed
alexojegu opened this issue Jun 19, 2024 · 1 comment
Closed

Deprecated packages #3777

alexojegu opened this issue Jun 19, 2024 · 1 comment
Assignees
Labels
question Further information is requested

Comments

@alexojegu
Copy link
Contributor

alexojegu commented Jun 19, 2024

On a fresh install, npm shows:

npm warn deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated [email protected]: Glob versions prior to v9 are no longer supported
npm warn deprecated [email protected]: Please use another csrf package
npm warn deprecated [email protected]: Vue 2 has reached EOL and is no longer actively maintained. See https://v2.vuejs.org/eol/ for more details.

querystring: this is dependency of native-url can be replaced by web API URL, seems well supported by browsers.

inflight - glob: these are dependencies of archiver, the only breaking change from 6.0.1 to 7.0.1 seems to be "drop support for v12 node".

csurf: I understand that changing to another package may be more complicated. But a security-related package without maintenance for 4 years doesn't seem very secure.

Vue: I understand that upgrading to version 3 can be a lot of work and will require time and planning.

@alexojegu alexojegu added the question Further information is requested label Jun 19, 2024
@robertsLando
Copy link
Member

Hi @alexojegu and thanks for your issue. I have created #3778 to bump all deps (except vue/vuetify). Deprecated packages are not always bad if they do some really basic thing and they don't have any open security issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
question Further information is requested
Projects
None yet
Development

No branches or pull requests

2 participants