An open source Valkey client library that supports Valkey and Redis open source 6.2, 7.0 and 7.2. Valkey GLIDE is designed for reliability, optimized performance, and high-availability, for Valkey and Redis OSS based applications. GLIDE is a multi language client library, written in Rust with programming language bindings, such as Java and Python
Apache License 2.0
268
stars
56
forks
source link
Packages using old versions of glob and inflight #2291
Glob <V9 is not maintained, and inflight leaks memory.
Both are used for tests usage and not count as security issues.
With that said, jest is well known for memory issues, and using a direct dependency that leaks memory can affect our test's validity or create a flaky test.
Issues are opened in both packages repo's and need to be tracked.
$ npm i
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
$ npm ls inflight
@valkey/valkey-glide@ /home/ubuntu/glide-for-redis/node
├─┬ jest@29.7.0
│ └─┬ @jest/core@29.7.0
│ └─┬ @jest/reporters@29.7.0
│ └─┬ glob@7.2.3
│ └── inflight@1.0.6 deduped
└─┬ protobufjs-cli@1.1.3
└─┬ glob@8.1.0
└── inflight@1.0.6
$ npm ls glob
@valkey/valkey-glide@ /home/ubuntu/glide-for-redis/node
├─┬ jest@29.7.0
│ └─┬ @jest/core@29.7.0
│ ├─┬ @jest/reporters@29.7.0
│ │ └── glob@7.2.3
│ ├─┬ jest-config@29.7.0
│ │ └── glob@7.2.3 deduped
│ └─┬ jest-runtime@29.7.0
│ └── glob@7.2.3 deduped
├─┬ protobufjs-cli@1.1.3
│ └── glob@8.1.0
└─┬ ts-jest@29.2.5
└─┬ @jest/transform@29.7.0
└─┬ babel-plugin-istanbul@6.1.1
└─┬ test-exclude@6.0.0
└── glob@7.2.3 deduped
Glob <V9 is not maintained, and inflight leaks memory. Both are used for tests usage and not count as security issues. With that said, jest is well known for memory issues, and using a direct dependency that leaks memory can affect our test's validity or create a flaky test. Issues are opened in both packages repo's and need to be tracked.
#jest/issues/15236 #protobuf.js/issues/1980