80% of deprecations in console are due to react-scripts #9431
Comments
|
this will be fixed in the next release. To test it out https://gist.github.com/iansu/282dbe3d722bd7231fa3224c0f403fa1 |
|
Hello! I have the same issue with deprecated dependencies and unfortunately switching to the new version did not correct the problem for me. I changed my package.json reference I still received the following deprecation warnings: I ran ... I'm sure I must be missing something on my end, I apologize for the trouble. Thanks so much! |
|
Is there anything we can do to help? Having this many deprecation warnings scares me a bit to be honest. |
|
This issue has been automatically marked as stale because it has not had any recent activity. It will be closed in 5 days if no further activity occurs. |
|
Indeed, there's not much activity -- but the issue still persists. |
|
Yeah, I'm seeing the same thing on 'next' |
|
@gaearon any idea who currently "owns" this repo? It'd be good to get the deps updated and pushed as patch release, even if no code changes get pushed. |
|
All of these would eventually resolve themselves as underlying packages are updated. I don't see an action item here. The messages showing up are unfortunate but there is no actual way it would impact your app or environment as far as I can tell. |
|
While true, |
|
I fully agree with you it's nice to have (and we actually worked with underlying packages in the past to get issues like this fixed) but I don't think this is a priority right now when there are bigger issues (such as to get 4.0 out). |
|
To provide some tracking of each warning for myself and others:
|
|
Thanks -- the tracking/explanations definitely help. However, I fear having these deprecations produce warnings that are now "ok" will lead to some form of "warning fatique", and so one might end up ignoring all of them because "probably that's just react-scripts anyways" (as unfair as that might sound, given above explanation that react-scripts isn't really the evil guy here). I suspect there's not much that can be done here though, and the problem might be more in the way these deprecations get aggregated upwards by npm. Maybe react-scripts could log something to point to a place that has these explanations? |
|
Accuracy and elegance of React can be reduced to nothing with such littering tools like react-scripts. If perfectionists would leave React, where they would go? |
|
This issue has been automatically marked as stale because it has not had any recent activity. It will be closed in 5 days if no further activity occurs. |
|
Not stale, I believe this is just not priority right now |
|
following Ionic react with the gallery example leads to this, causes hang on [email protected] |
|
Deprecation warnings don't cause things to hang, they are versioning notices during install. Please file a new issue instead if you're certainly it's caused by create-react-app, but it's almost certainly something you'll want to start on the ionic-framework repo for: https://github.com/ionic-team/ionic-framework/issues |
|
In our case, we are using CRA underneath our language/framework, and these deprecation messages are prominent in the logs, some of them looking really scary, e.g.: I understand from above that these messages are coming from the packages CRA uses and therefore you can't fix them directly, but I am wondering what is the general strategy for avoiding getting into situations like this? Is it really applying pressure to the mentioned packages as somebody above mentioned? Or fixing problems ourselves? I would be happy to try and take on one or two of these problems if they are of reasonable scope, if some guidance would be provided -> maybe issue could be created for each problem and progress could be tracked there? At the moment of writing, I found following packages that are used in CRA (at some level) to produce deprecation messages: |
Using react "react-scripts": "4.0.3" , and still massive amount of deprecation warning. |
same for me too. here - #10927 |
|
I'm on "react-scripts": "latest", and getting the following deprecation warnings:
|
There is nothing more stable than react-scripts deprecation... |
Amen to that 👍 |
|
|
|
These are not direct dependencies of Create React App so we don't have direct control over the versions. We always update all our dependencies with each new release so eventually these should go away. |
|
I'm having two security vulnerabilities due to react-scripts not being updated for 6 months. What is going on ? Is this project dead ? |
|
It's not dead but create-react-app has always been a community maintained initiative aimed at making it easy for beginners to get started. If security vulnerabilities or a robust production-ready setup are a concern then you might be better off setting up your own webpack config or using a framework that's built for production use like Next.js. The React docs really don't do a great job at making it clear that create-react-app doesn't guarantee anything if you decide to use it in production. It's under the facebook org, but is completely maintained by community volunteers. |
|
@cseas Thanks for the explanation. How can I contribute to update these packages ? Besides contributing guidelines, how can I make sure that updating one dependency won't break anything for the thousands of users of create-react-app ? |
|
I'm not sure. |
|
No need to call for Gaearon, he already made his point very clear on his blog: https://overreacted.io/npm-audit-broken-by-design/. |
Describe the bug
Did you try recovering your dependencies?
Yes
Which terms did you search for in User Guide?
deprecated
Environment
$ npx create-react-app --info
npx: установлен 98 в 18.49s
Environment Info:
current version of create-react-app: 3.4.1
running from C:\Users\User\AppData\Roaming\npm-cache_npx\17536\node_modules\create-react-app
System:
OS: Windows 10 10.0.18363
CPU: (8) x64 Intel(R) Core(TM) i7-4700HQ CPU @ 2.40GHz
Binaries:
Node: 14.4.0 - C:\nodejs\node.EXE
Yarn: Not Found
npm: 6.14.5 - C:\nodejs\npm.CMD
Browsers:
Edge: 44.18362.449.0
Internet Explorer: 11.0.18362.1
npmPackages:
react: Not Found
react-dom: Not Found
react-scripts: ^3.3.1 => 3.3.1
npmGlobalPackages:
create-react-app: Not Found
Steps to reproduce
2.enjoy the deprecation messages
npm WARN deprecated [email protected]: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated [email protected]: use String.prototype.padStart()
npm WARN deprecated [email protected]: request has been deprecated, see Request’s Past, Present and Future request/request#3142
npm WARN deprecated [email protected]: request-promise-native has been deprecated because it extends the now deprecated request package, see Request’s Past, Present and Future request/request#3142
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
Expected behavior
No deprecation messages
Actual behavior
npm WARN deprecated [email protected]: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated [email protected]: use String.prototype.padStart()
npm WARN deprecated [email protected]: request has been deprecated, see request/request#3142
npm WARN deprecated [email protected]: request-promise-native has been deprecated because it extends the now deprecated request package, see request/request#3142
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
Reproducible demo
(Paste the link to an example project and exact instructions to reproduce the issue.)
The text was updated successfully, but these errors were encountered: