shama / gaze

:crystal_ball: A globbing fs.watch wrapper built from the best parts of other fine watch libs.
MIT License
1.15k stars 168 forks source link

Outdated dependencies #210

Closed adamreisnz closed 8 years ago

adamreisnz commented 8 years ago

Hello, the dependencies for this package are outdated, which is causing an install warning, because globlue 0.1.0 uses lodash 1.0.2. This results in:

npm WARN deprecated lodash@1.0.2: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^4.0.0.

Could you update to the latest globule version 0.2.0?

tcoulter commented 8 years ago

I'm seeing this too.

Looks like the package.json has been updated but it hasn't been pushed to npm.

kenany commented 8 years ago

What version of gaze? Looks fine with @0.6.4:

$ npm view gaze@0.6.4 dependencies.globule
~0.2.0
adamreisnz commented 8 years ago

0.5.2 it seems, which is what node-sass 3.4.2 is using, which is what gulp-sass is using...

├─┬ gulp-sass@2.2.0
│ └─┬ node-sass@3.4.2
│   ├─┬ gaze@0.5.2
│   │ └─┬ globule@0.1.0
│   │   └── lodash@1.0.2 

Gah, it's a nightmare to find out who is responsible for deprecation warnings :P

shama commented 8 years ago

Sorry all. I'm in the process of publishing a 1.0.0. master is the latest code but not the latest published release.

ELLIOTTCABLE commented 8 years ago

Just a :+1: here. This has a couple deprecated versions in its' dependence tree, and since quite a few packages depend on this, many installs are affected:

richb-hanover commented 8 years ago

@shama - I don't mean to pile on, but I noticed that the package.json on the main page has globule@0.2.0 as a dependency, but the npm bundle version mentions globule@0.1.0. Not entirely sure what this means (I'm new to npm) but I've added some detail in https://github.com/kriasoft/react-starter-kit/issues/441#issuecomment-189986155

NB updating the npm version to globule@0.2.0 would minimize the grumpy warnings.

richb-hanover commented 8 years ago

Update: It appears that dependencies (including globule) were updated on 16 Jan 2016, but that the version number wasn't bumped. Perhaps npm is caching the older globule@0.1.0?

shama commented 8 years ago

Closing as it's now using latest dependencies.