search

stoplightio / http-spec

Utilities to normalize OpenAPI v2 and v3 objects for the Stoplight ecosystem.
https://stoplight.io
Apache License 2.0
20 stars 11 forks source link

JSON Schema Generator using deprecated request library #191

Open strmer15 opened 2 years ago

strmer15 commented 2 years ago

The @stoplight/json-schema-generator package is using the deprecated request library, which results in these yarn warnings when installing:

warning @stoplight/prism-cli > @stoplight/http-spec > @stoplight/json-schema-generator > request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
warning @stoplight/prism-cli > @stoplight/http-spec > @stoplight/json-schema-generator > request > uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
warning @stoplight/prism-cli > @stoplight/http-spec > @stoplight/json-schema-generator > request > har-validator@5.1.5: this library is no longer supported

I've created https://github.com/stoplightio/json-schema-generator/pull/7 to fix this, but can't find anyone willing to review it and merge. Looks like others noticed this in https://github.com/stoplightio/http-spec/issues/92 but it was closed without fixing the problem.

Context

Fix yarn and npm warnings about using a deprecated library.

Current Behavior

Installing @stoplight/http-spec or @stoplight/prism-cli causes yarn to emit warnings about using a deprecated library.

Expected Behavior

No warnings should be in the output.

Possible Solution(s)

Merge the change in https://github.com/stoplightio/json-schema-generator/pull/7 to use node-fetch instead.