Open ScottyPoi opened 12 months ago
You can definitely remove the peerId stuff. That's all just sitting there in case we want to revive devp2p over libp2p and isn't actually ever compiled or run. I think the multiaddr bits we use are pretty small and could probably be internalized.
Have addressed the libp2p dependency removal in #2926
Follow-up issue to #2903 / #2912
The remaining security warnings all stem from
multiaddr: "10.0.1"
-- used by packageDevP2P
The package is has been deprecated and succeeded by
@multiformats/multiaddr
. However, the update to@multiformats/multiaddr
, was unsuccessful due to current ESM transition issues.Similarly, the package
peer-id
has been deprecated, with@libp2p/interfaces-peer-id
and@libp2p/peer-id-factory
as the successors.These packages are only used here: https://github.com/ethereumjs/ethereumjs-monorepo/tree/master/packages/client/libp2pBrowserBuild and can probably be removed entirely.
[ ] Look into
/client/libp2pBrowserBuild
and@libp2p
dependencieswhen possible [ ] Update 'multiaddr' to
@multiformats/multiaddr