search

GluuFederation / gluu-passport

Gluu interface to Passport.js to support social login and inbound identity.
Apache License 2.0
6 stars 16 forks source link

deprecated packages found in Gluu-server 4.5.0 build #507

Open moabu opened 1 year ago

moabu commented 1 year ago 

npm WARN deprecated csurf@1.11.0: Please use another csrf package
npm WARN deprecated passport-saml@3.2.4: For versions >= 4, please use scopped package @node-saml/passport-saml

added 260 packages, and audited 261 packages in 36s

34 packages are looking for funding
  run `npm fund` for details

5 vulnerabilities (4 moderate, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.
npm notice 
npm notice New major version of npm available! 8.11.0 -> 9.2.0
npm notice Changelog: <https://github.com/npm/cli/releases/tag/v9.2.0>
npm notice Run `npm install -g npm@9.2.0` to update!
npm notice
christian-hawk commented 1 year ago

passport-saml : last patch released 2 months ago on v3. They want to move to v4 in a new repo and added the deprecation message, but package is not deprecated technically speaking.

srd90 commented 8 months ago

They want to move to v4 in a new repo and added the deprecation message, but package is not deprecated technically speaking.

passport-saml package is very much deprecated and unmaintained. Ie. it is deprecated in true meaning of deprecation. Proof (read comments from this PR): https://github.com/node-saml/passport-saml/pull/857#issuecomment-1517665690