KPC
Kevin Powell - Community5mo ago
Zach

npm deprecated and vulnerable dependencies

When running pnpm run develop on latest Gatsby version I get the following pop up a bunch of times:
(node:2069896) [DEP0040] DeprecationWarning: The punycode module is deprecated. Please use a userland alternative instead. (Use node --trace-deprecation ... to show where the warning was created)
I also have one high and one moderate vulnerabilities that introduce breaking changes 💀 Anyone sorted this type of thing before and willing to dumb it down for me? I never really look into fixing these but this is for a project where an employer will look at the console and I want this shit cleaned up but no idea how
8 Replies
Zach
ZachOP5mo ago
Have tried clearing caches, updating stuff, reinstalling things etc. Going to keep throwing shit at the wall
ἔρως
ἔρως5mo ago
https://www.npmjs.com/package/punycode
⚠️ Note that userland modules don't hide core modules. For example, require('punycode') still imports the deprecated core module even if you executed npm install punycode. Use require('punycode/') to import userland modules rather than core modules.
maybe this will help?
Zach
ZachOP5mo ago
yea I saw people suggesting to add a / at the end where it's required in other modules is that really the best fix? Editing the node modules?
ἔρως
ἔρως5mo ago
seems to be it
Zach
ZachOP5mo ago
surely I can update the modules to a version that calls punycode properly
ἔρως
ἔρως5mo ago
the code module is deprecated in node 7 according to that link
Zach
ZachOP5mo ago
well I'm on v22 so no damn idea why this crap is using it
ἔρως
ἔρως5mo ago
no idea why anything uses that
Want results from more Discord servers?
Add your server