Skip to content
This repository has been archived by the owner on Oct 10, 2021. It is now read-only.

Fix npm install warnings #255

Open
feross opened this issue Dec 1, 2015 · 8 comments
Open

Fix npm install warnings #255

feross opened this issue Dec 1, 2015 · 8 comments

Comments

@feross
Copy link
Collaborator

feross commented Dec 1, 2015

I get these warnings when installing zuul with the latest stable npm (3.3.12):

npm WARN deprecated lodash@2.4.1: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^3.0.0.
npm WARN deprecated lodash@2.4.2: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^3.0.0.
npm WARN deprecated lodash@2.1.0: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^3.0.0.
npm WARN deprecated deflate-crc32-stream@0.1.2: module has been merged into crc32-stream

It looks like updating these dependencies would fix the issue:

firefox-profile@0.2.7
istanbul-middleware@0.2.0 
lodash@2.4.2
@vvo
Copy link
Collaborator

vvo commented Dec 1, 2015

I think I tried updating lodash at some point but it failed erg..

@jdalton
Copy link

jdalton commented Dec 1, 2015

Let me know if I can help. To get a heads up of potential issues you can try using lodash-migrate.

@feross
Copy link
Collaborator Author

feross commented Dec 2, 2015

@jdalton Incidentally, why the deprecation warning for 2.x? Old code isn't necessarily bad if it's working correctly.

@jdalton
Copy link

jdalton commented Dec 2, 2015

I saw npm-deprecate used as an upgrade mechanism by @sebmck for Babel and dug it. With lodash v4 going out in Jan I wanted to nudge folks on older versions to upgrade. It's my hope that upgrades will cut down on support/maintenance issues related to older versions too.

I added the message for lodash@"<3.0.0||0.5.0-rc.1||<=1.0.0-rc.3" and
narrowed the range using the npm semver calculator.

@defunctzombie
Copy link
Owner

Personally, I see limited value in upgrading these utility modules especially to a breaking version. Maybe we can split up and pull in only the utilities we need versus all of lodash then upgrading is clearer since we know what functions to test and fix up.

If basic upgrade doesn't work out of the box I am more inclined to leave as is unless there is a proven performance or security benefit on the specific functions we are using from lodash; otherwise it is just needless number bumping :)

@feross
Copy link
Collaborator Author

feross commented Dec 7, 2015

@defunctzombie I think depending on just the functions we need is the right approach going forward. With npm3, zuul takes several minutes to install because it's dependency tree is so huge. npm3 is so slow, you notice the number of dependencies more acutely.

@defunctzombie
Copy link
Owner

Npm 3 ;(

On Monday, December 7, 2015, Feross Aboukhadijeh notifications@github.com
wrote:

@defunctzombie https://github.com/defunctzombie I think depending on
just the functions we need is the right approach going forward. With npm3,
zuul takes several minutes to install because it's dependency tree is so
huge.


Reply to this email directly or view it on GitHub
#255 (comment).

@vvo
Copy link
Collaborator

vvo commented Dec 8, 2015

To clarify this issue, anyone can submit a PR upgrading lodash to 3, this is all we need

@lpinca lpinca mentioned this issue Dec 8, 2015
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jdalton @defunctzombie @feross @vvo