It is saying upgrade to uuid#3.4.0 to Higher version, How should i deal with it
Please guide me achiving it
C:\Program Files>npm install -g yo
npm WARN deprecated request#2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated uuid#3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated har-validator#5.1.5: this library is no longer supported
C:\Users\DELL\AppData\Roaming\npm\yo -> C:\Users\DELL\AppData\Roaming\npm\node_modules\yo\lib\cli.js
C:\Users\DELL\AppData\Roaming\npm\yo-complete -> C:\Users\DELL\AppData\Roaming\npm\node_modules\yo\lib\completion\index.js
These are warnings that are up to the package author(s) to fix (or you have to file a pull request yourself in their repository where you fix it yourself).
If they don't keep their package updated with the newest dependencies, you will see this type of warnings.
Most of the time this is expected in the sense that package authors never manage to be 100% up to date always, and most of the time they will fix it in a later update. And most of the time the package will install correctly and work regardless of the warning. But sometimes these warnings could also imply security issues, which is not the case here, it seems.
If the package doesn't work after you have installed it, you have to file an issue with the yo author(s) or make a pull request to their repository.
Seems to me this install worked after all. You can check if the name of the package is added in your package.json or is found in the node_modules folder.
Related
The problem I explained below is that the deprecated warnings that come out when I say npm i;
I'm investigating the reason why it was solved by installing uuid?
How could installing a UUID have destroyed all deprecated s?
Even the old version was not included in my package.json file, I installed it saying it would change if I install it from the errors.
EXPLAIN THE PROBLEM AND SOLUTION
enter image description here
When we say npm install, we observed that there are packages that are deprecated.
We looked at why these deprecated packages happen, how we can update them or if we are still using them, if we are not using them, we should remove them from the update. I observed that we are not using react-native-community/masked-view and removed it.
(Deleted node module from package json, called npm i.)
I observed that 8 of the 9 deprecated packages remain and the new order has changed.
enter image description here
deprecated babel-eslint#10.1.0: babel-eslint is now #babel/eslint-parser. This package will no longer receive updates.
enter image description here
I couldn't see the babel-eslint package when I looked in my package.json file. Instead, I think there was already an updated version of eslint.
uuid#3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
https://www.npmjs.com/package/uuid/v/3.4.0
I couldn't see that we are using uuid, I couldn't see anything about uuid in package.json file.
I thought that a package might be a dependency package and I thought it might have been accidentally deleted, so I decided to install it with a new version.
I said npm uuid, I deleted android and node modules, I said npm i and finally deprecated s are gone.
enter image description here
I could not find any documentation which says that npm will not try to install a deprecated package version.
example:
2.0.0-beta.2 2.0.0-beta.5 2.0.0-rc.9
So if I install ^2.0.0-beta.2, it will resolve to 2.0.0-rc.9
And if I deprecate 2.0.0-rc.9
2.0.0-beta.2 2.0.0-beta.5 2.0.0-rc.9
(deprecated)
Now if I install ^2.0.0-beta.2, it will resolve to 2.0.0-beta.5
But I could not find any documentation which proves this behavior. Can someone please help to validate this?
I tested and confirmed that it does indeed ignore deprecated versions if there is another version it can use. (I temporarily deprecated metal-name version 1.3.1 and then ran npm install metal-name#1. It installed version 1.3.0 instead of 1.3.1. When I removed the deprecation for version 1.3.1, it went back to installing 1.3.1 when I ran npm install metal-name#1.
I can not find this behavior mentioned in the npm CLI documentation. However, I can find it mentioned in the commit log for the npm CLI client.
npm uses npm-pick-manifest to determine what to install. The README for that module says:
Prefers non-deprecated versions to deprecated versions.
NPM will do whatever you told it to do, based on your package.json rule for each dependency. If you use ^ as version prefix then yeah: you literally told NPM to use "whatever is the most up to date minor release".
See both the documentation for dependency management and the semver range documentation for what syntax is accepted and what they all mean.
I'm using Atom and trying to autocompile SCSS with the 'SASS Autocompile' package.
I'm absolutely going mad trying to get it to work. I'm being told node-sass: command not found and have followed countless guides and articles which mostly say run npm install node-sass. I do that, and it installs ok but Atom still gives me an error when I save a SASS file.
I have no idea if I'm running these commands in the correct location - on my local user level, in my project folder etc. The guides are so vague for someone who's not doing this all day every day.
I can't believe this is modern web development where you just have no way of knowing what is causing issues, no simple way to remove and reinstall things and we're all flying blind trying to fix things.
If anyone has some ideas of what I could try, I would love to hear them.
$ npm i node-sass
npm WARN deprecated mkdirp#0.5.3: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated request#2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
> node-sass#4.13.1 install /Users/tommyprsnl/Sites/ozspurs/node_modules/node-sass
> node scripts/install.js
Cached binary found at /Users/tommyprsnl/.npm/node-sass/4.13.1/darwin-x64-72_binding.node
> node-sass#4.13.1 postinstall /Users/tommyprsnl/Sites/ozspurs/node_modules/node-sass
> node scripts/build.js
Binary found at /Users/tommyprsnl/Sites/ozspurs/node_modules/node-sass/vendor/darwin-x64-72/binding.node
Testing binary
Binary is fine
npm WARN ozspurs No description
npm WARN ozspurs No repository field.
npm WARN ozspurs No license field.
+ node-sass#4.13.1
updated 1 package and audited 528 packages in 4.857s
found 0 vulnerabilities
Nearly all the time I use npm to install a package, I get a warning like:
npm WARN deprecated minimatch#1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
Then I install the dubious packages with the advised version number.
Is there any way to make npm do this automatically? At own risk of course.
If you're not depending directly on the deprecated packages, you're probably not accomplishing anything by installing them directly. Whichever package depends on it is the one that needs to update its dependencies, and so on until you reach the package you're developing. Essentially: if it's important (e.g. a security problem), notify the package maintainers; if not, ignore the deprecation warning.
When I download "Intermediate - Advanced users" version of polymer starter kit from github here and on the 4th step of these instructions here I always getting these WARNs:
$ sudo npm install
npm WARN deprecated gulp-minify-css#1.2.4: Please use gulp-clean-css
npm WARN deprecated graceful-fs#3.0.8: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs#^4.0.0 as soon as possible.
npm WARN engine launchpad#0.5.1: wanted: {"node":"^0.12"} (current: {"node":"4.4.2","npm":"2.15.0"})
npm WARN deprecated lodash#1.0.2: lodash#<3.0.0 is no longer maintained. Upgrade to lodash#^4.0.0.
npm WARN optional dep failed, continuing fsevents#1.0.11
npm WARN deprecated graceful-fs#1.2.3: graceful-fs version 3 and before will fail on newer node releases. Please update to graceful-fs#^4.0.0 as soon as possible.
npm WARN deprecated jade#0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
No matter what OS I'm using: tried both Ubuntu and Windows (git bash).
I have npm, bower, gulp installed globally but there's always those WARNs.
I think that maybe it's a dependencies problem or it's because of some code in some of polymer starter kit files, but I'm not a pro developer, so I can't find what is causing the problem
It's all seems to work though when I deploy the project, but I'm new to web dev and not sure if I have to just close my eyes on these WARNs
Nothing to worry about with those warnings. Those come from the npm packages that are set as dependencies in the package.json file. When you run npm install it will install all packages set in the package.json. Every single package has their own package.json that also has some dependenices. Each package install their own needed version of that package and sometimes they use older versions of those packages. Only way to get rid of those warnings would be to get the package creators to update their packages.
Only package that you can update yourself is the gulp-minify-css. You can uninstall that package npm remove gulp-minify-css --save-dev and install the newer non-deprecated version gulp-clean-css. npm install gulp-clean-css --save-dev. If you do that you need to update the gulpfile.js for the project to use the new package.
Find the styleTask for the starter-kit in the gulpfile.js:
var styleTask = function(stylesPath, srcs) {
return gulp.src(srcs.map(function(src) {
return path.join('app', stylesPath, src);
}))
.pipe($.changed(stylesPath, {extension: '.css'}))
.pipe($.autoprefixer(AUTOPREFIXER_BROWSERS))
.pipe(gulp.dest('.tmp/' + stylesPath))
.pipe($.minifyCss())
.pipe(gulp.dest(dist(stylesPath)))
.pipe($.size({title: stylesPath}));
};
and change the .pipe($.minifyCss()) row to be .pipe($.cleanCss({compatibility: 'ie10'}))
Now you have managed to update the starter-kit to use newer non-deprecated package.
Many packages in the npm package manager have some deprecated packages or cause other warnings while installing but most of the time there is no need to worry.
No need to worry about those warnings in this case. They shouldn't cause the problems that you allude to. I verified the PSK guide you mentioned (the page completely appears and functions without error in Chrome Version 49.0.2623.112 on OSX El Capitan).
npm displays deprecation warnings when a dependency being installed has been deprecated by the dependency's package owner/maintainer usually in favor of another package/version that has significant improvements. Packages can be deprecated/undeprecated at will and long after your app has been deployed.
For example, in January, you release an app that depends on gulp-minify-css#1.2.4. The owner of gulp-minify-css no longer has time to maintain the package, so he decides in March to deprecate it in favor of the actively maintained gulp-clean-css. Now, users who npm install your app (which also installs gulp-minify-css) see this deprecation warning, but your app still functions normally. The deprecation does not invalidate your app or cause errors.
While normally one might try to upgrade the dependencies to remove the warnings, that is not recommended for PSK due to package incompatibilities as recently discovered in a pull request:
So I just took this for a spin and I ran into some issues :( although
the current gulp plugins are deprecated they are working for the
community! This PR represents a "high risk" change, that we have found
to be breaking in several odd ways. For that reason I am going to
close this PR for now. That said let's revisit this PR in a few months
and see if things have stabilized more.