You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, when I install this package and set up the routes as per the documentation, the app fails to compile due to the following error:
Error: Package subpath './v4' is not defined by "exports" in <APP_PATH>\node_modules\uuid\package.json
at new NodeError (node:internal/errors:387:5)
at throwExportsNotFound (node:internal/modules/esm/resolve:439:9)
at packageExportsResolve (node:internal/modules/esm/resolve:718:3)
at resolveExports (node:internal/modules/cjs/loader:493:36)
at Function.Module._findPath (node:internal/modules/cjs/loader:533:31)
at Function.Module._resolveFilename (node:internal/modules/cjs/loader:942:27)
at Function.Module._load (node:internal/modules/cjs/loader:804:27)
at Function.Module._load (<APP_PATH>\packages\node\src\executors\node\node-with-require-overrides.ts:16:27)
at Module.require (node:internal/modules/cjs/loader:1022:19)
at require (node:internal/modules/cjs/helpers:102:18)
If I remove any reference to this package, it works fine (albeit without authentication obviously).
I noticed that something required by this package uses a very old version of uuid, because when installing this, I get the warning: npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic.. Using npm ls uuid shows that passport-twitch-latest@1.0.0 which depends on request@2.88.2 (which in itself is deprecated) uses uuid@3.4.0 which is horribly out of date and deprecated, and this package depends on passport-twitch-latest (which hasn't been updated for over 2 years).
Expected behavior
I expect for it to work as described
Suggested solution(s)
I believe changing to not use something that has a very out of date dependency of uuid will work (for example, this one, which doesn't use request at all, so no uuid dependency), since everything in nestjs uses uuid@8.3.2, and in version 7 of uuid, using subpaths was deprecated and in version 8 it was removed entirely (hence the ./v4 error above I believe).
Additional context
I'll also put this here, but if you want a separate issue let me know, but it would be nice to officially support v9 of nestjs and v0.6 of passport, since this package has a dependency of nestjs@^8.0.7 and passport@^0.5.0and I want to keep my packages updated without loads of warnings and I don't like having to use --force. And on top of that, passport@0.5.x is deprecated due to a security issue (Passport before 0.6.0 vulnerable to session regeneration when a users logs in or out - https://github.com/advisories/GHSA-v923-w3x8-wh69), but I suppose if you move away from passport-twitch-latest to a more up-to-date alternative or make your own, that will most likely be fixed (although my suggestion above still depends on passport@^0.5.0 but maybe forcing to use 0.6.0 will work).
Your environment
Software
Version(s)
@nestjs-hybrid-auth/twitch
1.0.0
@nestjs/core
8.4.7
@nestjs/common
8.4.7
@nestjs/passport
8.2.2
passport
0.5.3
npm
8.13.2
Operating System
Windows 10 Pro
The text was updated successfully, but these errors were encountered:
Chifilly
added a commit
to Chifilly/nestjs-hybrid-auth
that referenced
this issue
Jul 30, 2022
Bug report
Current Behavior
Currently, when I install this package and set up the routes as per the documentation, the app fails to compile due to the following error:
If I remove any reference to this package, it works fine (albeit without authentication obviously).
I noticed that something required by this package uses a very old version of
uuid
, because when installing this, I get the warning:npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic.
. Usingnpm ls uuid
shows thatpassport-twitch-latest@1.0.0
which depends onrequest@2.88.2
(which in itself is deprecated) usesuuid@3.4.0
which is horribly out of date and deprecated, and this package depends onpassport-twitch-latest
(which hasn't been updated for over 2 years).Expected behavior
I expect for it to work as described
Suggested solution(s)
I believe changing to not use something that has a very out of date dependency of uuid will work (for example, this one, which doesn't use
request
at all, so nouuid
dependency), since everything in nestjs usesuuid@8.3.2
, and in version 7 of uuid, using subpaths was deprecated and in version 8 it was removed entirely (hence the./v4
error above I believe).Additional context
I'll also put this here, but if you want a separate issue let me know, but it would be nice to officially support v9 of nestjs and v0.6 of passport, since this package has a dependency of
nestjs@^8.0.7
andpassport@^0.5.0
and I want to keep my packages updated without loads of warnings and I don't like having to use--force
. And on top of that,passport@0.5.x
is deprecated due to a security issue (Passport before 0.6.0 vulnerable to session regeneration when a users logs in or out - https://github.com/advisories/GHSA-v923-w3x8-wh69
), but I suppose if you move away frompassport-twitch-latest
to a more up-to-date alternative or make your own, that will most likely be fixed (although my suggestion above still depends onpassport@^0.5.0
but maybe forcing to use 0.6.0 will work).Your environment
The text was updated successfully, but these errors were encountered: