search

geosolutions-it / MapStore2

The solution to create and share maps, dashboards, geostories with 3D support on the web. And it is open-source too!
https://mapstore.geosolutionsgroup.com/
Other
503 stars 384 forks source link

Update deprecated NPM dependency versions #4647

Open offtherailz opened 4 years ago

offtherailz commented 4 years ago

Update deprecated dependencies (continue from #3901).

Here a list of most recent deprecated warning at the moment of writing this issue. They shuld be updated to latest versions :

npm WARN @geosolutions/react-joyride@1.10.2 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN @geosolutions/react-joyride@1.10.2 requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN connected-react-router@6.3.2 requires a peer of history@^4.7.2 but none is installed. You must install peer dependencies yourself.
npm WARN connected-react-router@6.3.2 requires a peer of react-router@^4.3.1 but none is installed. You must install peer dependencies yourself.
npm WARN draft-js-inline-toolbar-plugin@3.0.0 requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN draft-js-side-toolbar-plugin@3.0.1 requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN draft-js-plugins-editor@2.1.1 requires a peer of draft-js@^0.10.1 but none is installed. You must install peer dependencies yourself.
npm WARN react-addons-css-transition-group@15.6.2 requires a peer of react@^15.4.2 but none is installed. You must install peer dependencies yourself.
npm WARN react-confirm-button@0.0.2 requires a peer of react@^0.14.7 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-container-dimensions@1.3.2 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-container-dimensions@1.3.2 requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-copy-to-clipboard@5.0.0 requires a peer of react@^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-draft-wysiwyg@1.13.2 requires a peer of draft-js@^0.10.x but none is installed. You must install peer dependencies yourself.
npm WARN react-draft-wysiwyg@1.13.2 requires a peer of immutable@3.x.x || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN react-dropzone@3.13.1 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-image-lightbox@4.2.2 requires a peer of react@^15.5.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-image-lightbox@4.2.2 requires a peer of react-dom@^15.5.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-input-autosize@1.1.4 requires a peer of react@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-intl@2.3.0 requires a peer of react@^0.14.9 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-notification-system@0.2.14 requires a peer of react@0.14.x || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-notification-system@0.2.14 requires a peer of react-dom@0.14.x || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-router@4.1.1 requires a peer of react@^15 but none is installed. You must install peer dependencies yourself.
npm WARN react-scroll-up@1.3.0 requires a peer of react@0.13 - 15 but none is installed. You must install peer dependencies yourself.
npm WARN react-select@1.0.0-rc.4 requires a peer of react@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-select@1.0.0-rc.4 requires a peer of react-dom@^0.14 || ^15.0.0-rc || ^15.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-share@1.15.1 requires a peer of react@0.13.x || 0.14.x || 15.x.x but none is installed. You must install peer dependencies yourself.
npm WARN react-swipeable-views@0.12.2 requires a peer of react@^15.0.0 || ^0.14.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-twitter-widgets@1.3.0 requires a peer of react@^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN recharts@0.22.4 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-resize-detector@0.4.1 requires a peer of react@^0.14.7 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN recompose@0.24.0 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-widgets@3.5.0 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-widgets@3.5.0 requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN find-with-regex@1.1.3 requires a peer of draft-js@^0.10.5 but none is installed. You must install peer dependencies yourself.
npm WARN @terrestris/ol-util@3.0.1 requires a peer of ol@~5.0 but none is installed. You must install peer dependencies yourself.
npm WARN html-to-draftjs@1.5.0 requires a peer of immutable@3.x.x || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN draftjs-utils@0.9.4 requires a peer of draft-js@^0.10.x but none is installed. You must install peer dependencies yourself.
npm WARN draftjs-utils@0.9.4 requires a peer of immutable@3.x.x || 4.x.x but none is installed. You must install peer dependencies yourself.
npm WARN react-modal@1.9.7 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-modal@1.9.7 requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN ajv-keywords@3.4.1 requires a peer of ajv@^6.9.1 but none is installed. You must install peer dependencies yourself.
npm WARN react-smooth@0.3.0 requires a peer of react@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-smooth@0.3.0 requires a peer of react-dom@^0.14.0 || ^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN babel-loader@6.2.10 requires a peer of webpack@1 || 2 || ^2.1.0-beta || ^2.2.0-rc but none is installed. You must install peer dependencies yourself.
npm WARN react-motion@0.5.0 requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-transition-group@1.1.3 requires a peer of react@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-transition-group@1.1.3 requires a peer of react-dom@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN redux-devtools@3.4.0 requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN redux-devtools@3.4.0 requires a peer of react-redux@^4.0.0 || ^5.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN redux-devtools-dock-monitor@1.1.2 requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN redux-devtools-log-monitor@1.3.0 requires a peer of react@^0.14.9 || ^15.3.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-json-tree@0.10.9 requires a peer of react@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN react-json-tree@0.10.9 requires a peer of react-dom@^15.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.9 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.9: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.1.2 (node_modules/karma/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.1.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

added 1588 packages from 1950 contributors, removed 616 packages, updated 206 packages, moved 66 packages and audited 20298 packages in 106.962s
found 51 vulnerabilities (6 low, 21 moderate, 24 high)
  run `npm audit fix` to fix them, or `npm audit` for details
fkellner commented 4 months ago

The list has become longer:

npm WARN deprecated natives@1.1.6: This module relies on Node.js's internals and will break at some point. Do not use it, and update to graceful-fs@4.x.
npm WARN deprecated content-type-parser@1.0.2: Use whatwg-mimetype instead
npm WARN deprecated @carnesen/redux-add-action-listener-enhancer@0.0.1: This project has been abandoned
npm WARN deprecated @carnesen/checks@0.0.1: Obsoleted by TypeScript
npm WARN deprecated @babel/plugin-proposal-unicode-property-regex@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-unicode-property-regex instead.
npm WARN deprecated @babel/plugin-proposal-json-strings@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-json-strings instead.
npm WARN deprecated @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
npm WARN deprecated @babel/plugin-proposal-optional-catch-binding@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-catch-binding instead.
npm WARN deprecated @babel/plugin-proposal-dynamic-import@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-dynamic-import instead.
npm WARN deprecated @babel/plugin-proposal-class-properties@7.8.3: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated turf-union@3.0.10: Turf packages are now namespaced: please use @turf/union instead
npm WARN deprecated turf-invariant@3.0.12: Turf packages are now namespaced: please use @turf/invariant instead
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated @turf/point-on-surface@4.1.0: Module has been renamed to @turf/point-on-feature
npm WARN deprecated @turf/polygon-to-linestring@4.1.0: Module has been renamed to @turf/polygon-to-line
npm WARN deprecated @turf/inside@4.1.0: Module has been renamed to @turf/boolean-point-in-polygon
npm WARN deprecated figgy-pudding@3.5.2: This module is no longer supported.
npm WARN deprecated doc-path@1.2.0: critical issue fixed in 2.3.0
npm WARN deprecated @babel/plugin-proposal-optional-chaining@7.21.0: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
npm WARN deprecated turf-meta@3.0.12: Turf packages are now namespaced: please use @turf/meta instead
npm WARN deprecated turf-bbox@3.0.12: Turf packages are now namespaced: please use @turf/bbox instead
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated chokidar@1.5.2: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated @babel/plugin-proposal-object-rest-spread@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
npm WARN deprecated turf-inside@3.0.12: Turf packages are now namespaced: please use @turf/inside instead
npm WARN deprecated turf-explode@3.0.12: Turf packages are now namespaced: please use @turf/explode instead
npm WARN deprecated turf-center@3.0.12: Turf packages are now namespaced: please use @turf/center instead
npm WARN deprecated turf-distance@3.0.12: Turf packages are now namespaced: please use @turf/distance instead
npm WARN deprecated turf-bbox@3.0.10: Turf packages are now namespaced: please use @turf/bbox instead
npm WARN deprecated turf-point-on-surface@3.0.10: Turf packages are now namespaced: please use @turf/point-on-surface instead
npm WARN deprecated @babel/plugin-proposal-async-generator-functions@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-async-generator-functions instead.
npm WARN deprecated cryptiles@2.0.5: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated abab@1.0.4: Use your platform's native atob() and btoa() methods instead
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated turf-helpers@3.0.12: Turf packages are now namespaced: please use @turf/helpers instead
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated redux-devtools-instrument@1.10.0: Package moved to @redux-devtools/instrument.
npm WARN deprecated redux-devtools@3.4.0: Package moved to @redux-devtools/core.
npm WARN deprecated boom@2.10.1: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated xmldom@0.1.31: Deprecated due to CVE-2021-21366 resolved in 0.5.0
npm WARN deprecated xmldom@0.1.31: Deprecated due to CVE-2021-21366 resolved in 0.5.0
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated debug@3.2.6: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated react-image-lightbox@4.2.2: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated sntp@1.0.9: This module moved to @hapi/sntp. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated draft-js-inline-toolbar-plugin@3.0.1: use @draft-js-plugins/inline-toolbar >=v4 instead
npm WARN deprecated draft-js-side-toolbar-plugin@3.0.1: use @draft-js-plugins/side-toolbar >=v4 instead
npm WARN deprecated redux-devtools-dock-monitor@1.1.2: Package moved to @redux-devtools/dock-monitor.
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated nomnom@1.8.1: Package no longer supported. Contact support@npmjs.com for more info.
npm WARN deprecated intl-messageformat-parser@1.2.0: We've written a new parser that's 6x faster and is backwards compatible. Please use @formatjs/icu-messageformat-parser
npm WARN deprecated uuid@3.0.1: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated canvg-browser@1.0.0: Please switch to canvg. It is actively maintained nowadays.
npm WARN deprecated hoek@2.16.3: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated request@2.81.0: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated react-nouislider@2.0.1: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@4.2.1: this library is no longer supported
npm WARN deprecated json-2-csv@2.1.2: Please upgrade to the latest version 3.x.x module for improved functionality.
npm WARN deprecated mkdirp@0.5.1: Legacy versions of mkdirp are no longer supported. Please update to mkdirp 1.x. (Note that the API surface has changed to use Promises in 1.x.)
npm WARN deprecated redux-devtools-log-monitor@1.3.0: Package moved to @redux-devtools/log-monitor.
npm WARN deprecated hawk@3.1.3: This module moved to @hapi/hawk. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated draft-js-plugins-editor@2.1.1: use @draft-js-plugins/editor >=v4 instead
npm WARN deprecated draft-js-buttons@2.0.2: use @draft-js-plugins/buttons >=v4 instead
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN deprecated intl-relativeformat@1.3.0: This package has been deprecated, please see migration guide at 'https://github.com/formatjs/formatjs/tree/master/packages/intl-relativeformat#migration-guide'
npm WARN deprecated vis@4.21.0: Please consider using https://github.com/visjs
npm WARN deprecated core-js@1.2.7: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
npm WARN deprecated core-js@2.4.1: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

Which may result in security problems (even if without dev-dependencies, it's only 17 critical vulnerabilities): image

I will try to take care of some low-hanging fruits in the next few days and report on big issues that require your attention.

fkellner commented 4 months ago

See also transitive dependencies: