Dependencies are not up to date

[bl4ckb0ne]

$ yarn 
yarn install v1.22.10
info No lockfile found.
[1/5] Validating package.json...
[2/5] Resolving packages...
warning @commitlint/cli > babel-polyfill > core-js@2.6.12: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
warning @commitlint/cli > babel-polyfill > babel-runtime > core-js@2.6.12: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
warning @types/jest > @types/jest-diff@24.3.0: This is a stub types definition. jest-diff provides its own type definitions, so you do not need this installed.
warning @types/reflect-metadata@0.1.0: This is a stub types definition for reflect-metadata (https://github.com/rbuckton/ReflectDecorators). reflect-metadata provides its own type definitions, so you don't need @types/reflect-metadata installed!
warning jest > jest-cli > @jest/core > jest-haste-map > fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
warning jest > jest-cli > @jest/core > micromatch > snapdragon > source-map-resolve > resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
warning jest > jest-cli > @jest/core > micromatch > snapdragon > source-map-resolve > urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
warning jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > left-pad@1.3.0: use String.prototype.padStart()
warning jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
warning jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
warning jest > jest-cli > jest-config > jest-environment-jsdom > jsdom > request > har-validator@5.1.5: this library is no longer supported
warning tslint@6.0.0: TSLint has been deprecated in favor of ESLint. Please see https://github.com/palantir/tslint/issues/4534 for more information.
warning typestrict > tslint-sonarts@1.9.0: Package no longer supported. Consider using eslint-plugin-sonarjs.
[3/5] Fetching packages...
info fsevents@1.2.13: The platform "linux" is incompatible with this module.
info "fsevents@1.2.13" is an optional dependency and failed compatibility check. Excluding it from installation.
[4/5] Linking dependencies...
warning "typestrict > tslint-microsoft-contrib@5.2.1" has incorrect peer dependency "tslint@^5.1.0".
warning "typestrict > tslint-sonarts@1.9.0" has incorrect peer dependency "tslint@^5.11.0".
[5/5] Building fresh packages...
success Saved lockfile.
Done in 35.64s.

[laurence-myers]

1. These are all transitive dependencies, i.e. dependencies of dependencies (of dependencies). Not much we can do to resolve them. jest is the biggest culprit.
2. We should replace tslint with eslint, which avoids the typestrict dependency issues.
3. All of these dependencies are dev dependencies, so only impact ongoing maintenance, and not consumers of joiful. The only runtime dependencies of joiful are joi and Node.js itself.

[kf6kjg]

It's been a few years, and now the scope of dependencies has doubled: reflect-metadata exists as a required peer dependency. Since the version specifier is 0.1.13 only that exact version will match. This is causing me some headaches, and I'm working around it with npm overrides.