Closed devinrhode2 closed 1 year ago
jeffijoe
commented
3 years ago I agree on checking if a package is deprecated.
I believe if a package contains a typings property in the package.json then typesync won’t install packages for it by default, so perhaps the library needs to be updated.
devinrhode2
commented
3 years ago Accidentally closed
ImLunaHey
commented
1 year ago Just hit this with chalk.
➜ jive git:(main) ✗ npx typesync@latest
» TypeSync v0.11.0
✔ 4 new typings added.
📦 jive — package.json (4 new typings added)
├─ + @types/cron
├─ + @types/eslint
├─ + @types/nodemon
└─ + @types/chalk
✨ Go ahead and run npm install or yarn to install the packages that were added.
➜ jive git:(main) ✗ npm i
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: jive@undefined
npm WARN Found: @types/cron@1.7.3
npm WARN node_modules/@types/cron
npm WARN dev @types/cron@"^2.0.1" from the root project
npm WARN 1 more (@reflet/cron)
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer @types/cron@"^1.7.2" from @reflet/cron@1.3.1
npm WARN node_modules/@reflet/cron
npm WARN dev @reflet/cron@"^1.3.1" from the root project
npm WARN deprecated @types/chalk@2.2.0: This is a stub types definition for chalk (https://github.com/chalk/chalk). chalk provides its own type definitions, so you don't need @types/chalk installed!Fixed in #98 and released as v0.11.1.
I'm getting
@types/testing-library__user-eventinstalled, last published a year ago, when I am using latest version of@testing-library/user-event(13.5.0), last published 18 hours agoHowever:
I think this may be somewhat related to #24
Maybe the @types/testing-library__user-event package should be modified, or maybe typesync should ignore packages that are deprecated on npm.
One extra small factor that may bolster this argument - if a certain package@version is deprecated, it may pose a security risk to install that package. For example, the recent
coahack: https://thehackernews.com/2021/11/two-npm-packages-with-22-million-weekly.html