TryGhost / node-sqlite3

SQLite3 bindings for Node.js
BSD 3-Clause "New" or "Revised" License

On installation, npm prints many warnings of stale dependencies #1805

Open robogeek opened 2 weeks ago

robogeek commented 2 weeks ago

Issue Summary

I've just added sqlite3 to my project; it is using version 5.1.7 (the latest as of this writing), and I get these warnings:

$ npm install
npm warn deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated npmlog@6.0.2: This package is no longer supported.
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated are-we-there-yet@3.0.1: This package is no longer supported.
npm warn deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated gauge@4.0.4: This package is no longer supported.

I try to keep my project clean of these types of warnings. All of them trace back to an old node-gyp version being used.

For example:

$ npm ls @npmcli/move-file
akasharender@0.8.3 /home/david/Projects/akasharender/akasharender
└─┬ sqlite3@5.1.7
  └─┬ node-gyp@8.4.1
    └─┬ make-fetch-happen@9.1.0
      └─┬ cacache@15.3.0
        └── @npmcli/move-file@1.1.2

All the other dependencies have a similar output.

I haven't checked if updating node-gyp will fix these stale dependencies. But that would be a good first start. If any remain, then it's a matter of informing the other projects to update their dependencies.

Relevant logs or output

See above

Version

5.1.7

Node.js Version

22.x

How did you install the library?

npm install sqlite3 --save

andyImatest commented 2 weeks ago

I was able to get rid of these in my project by adding an override in package.json for node-gyp to 10.2.0 and another for glob 11.0.0. Upgrading these didn't seem to affect node-sqlite3 (as far as I can tell. It builds and it works for what I need it to do :) )

"overrides": { "glob": "11.0.0", "node-gyp": "10.2.0" },

robogeek commented 2 weeks ago

Good to know about this workaround. That would seem to support the idea that the sqlite3 team could bump the dependency version number with little about having to spend months working on upgrading the code. Sounds like it would instead be a 2 minute task.
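
The manual `npm ls` trace described in this thread can be automated. The following is an added example, not code from the thread or from node-sqlite3: it maps `npm warn deprecated` lines onto an `npm ls --all --json`-shaped tree and reports the deepest package that every deprecated dependency shares, which is the natural target for an override. The function names and the sample data are assumptions made for illustration.

```javascript
// Constructed sample: a trimmed subset of the warnings quoted in the issue.
const installLog = `
npm warn deprecated @npmcli/move-file@1.1.2: This functionality has been moved to @npmcli/fs
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory.
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
`;
// Constructed sample shaped like `npm ls --all --json` output. Only the
// @npmcli/move-file chain is from the issue; the glob > inflight branch is assumed.
const lsTree = { name: 'akasharender', version: '0.8.3', dependencies: {
  sqlite3: { version: '5.1.7', dependencies: {
    'node-gyp': { version: '8.4.1', dependencies: {
      'make-fetch-happen': { version: '9.1.0', dependencies: {
        cacache: { version: '15.3.0', dependencies: {
          '@npmcli/move-file': { version: '1.1.2' } } } } },
      glob: { version: '7.2.3', dependencies: { inflight: { version: '1.0.6' } } },
    } } } },
} };

// Unique name@version specs from the log. Scoped names start with "@",
// so the version is whatever follows the last "@" before the colon.
function parseDeprecated(log) {
  const re = /^npm warn deprecated (\S+@[^\s:]+):/gim;
  return [...new Set([...log.matchAll(re)].map((m) => m[1]))];
}

// Depth-first walk; records every chain (root ... target) for each wanted spec.
function findChains(node, name, wanted, path = [], out = {}) {
  const spec = `${name}@${node.version}`;
  const here = [...path, spec];
  if (wanted.has(spec)) (out[spec] ||= []).push(here);
  for (const [child, sub] of Object.entries(node.dependencies || {})) {
    findChains(sub, child, wanted, here, out);
  }
  return out;
}

// Deepest package that is an ancestor of every deprecated package found.
function commonAncestor(chains) {
  const parents = Object.values(chains).flat().map((c) => c.slice(0, -1));
  let prefix = parents[0] || [];
  for (const c of parents) {
    let i = 0;
    while (i < prefix.length && prefix[i] === c[i]) i++;
    prefix = prefix.slice(0, i);
  }
  return prefix[prefix.length - 1] ?? null;
}

const chains = findChains(lsTree, lsTree.name, new Set(parseDeprecated(installLog)));
console.log(commonAncestor(chains)); // node-gyp@8.4.1
```

On a real project, replace `lsTree` with the parsed output of `npm ls --all --json` and `installLog` with the captured install output.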