Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New deprecation warnings stemming from recursive-copy@^2.0.14 #3299

Closed
noelforte opened this issue May 28, 2024 · 6 comments
Closed

New deprecation warnings stemming from recursive-copy@^2.0.14 #3299

noelforte opened this issue May 28, 2024 · 6 comments
Labels
high-priority housekeeping npm-audit Security audits from npm release: canary A release on the canary channel
Milestone
Eleventy 3.0.0

Comments

@noelforte
Copy link
Contributor

Operating system

macOS Sonoma 14.2.1 (23C71)

Eleventy

@11ty/[email protected]

Describe the bug

As of writing this issue, I'm seeing new deprecation warnings for the following packages:

npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Glob versions prior to v9 are no longer supported

Upon further investigation, I can see that these deprecated packages stem from recursive-copy@^2.0.14 which hasn't been touched for the past 2 years. recursive-copy is a direct dependency of Eleventy as of the latest canary (3.0.0-alpha.10). Here's a copy of the dependency tree:

@11ty/eleventy 3.0.0-alpha.10
└─┬ recursive-copy 2.0.14 # <-- hasn't been updated, below dependencies are deprecated
  └─┬ rimraf 2.7.1
    └─┬ glob 7.2.3
      └── inflight 1.0.6

Reproduction steps

  1. Create a new directory
  2. npm init -y
  3. npm install @11ty/eleventy@canary
  4. See output

Expected behavior

Warnings about deprecated packages should not be thrown.

Reproduction URL

No response

Screenshots

No response
@noelforte noelforte changed the title Deprecation warnings stemming from recursive-copy@^2.0.14 New deprecation warnings stemming from recursive-copy@^2.0.14 May 28, 2024
@noelforte
Copy link
Contributor Author

As an addendum: I recently learned that there's a native API for recursive copying in NodeJS that was introduced back in Node 16 (along with a promisified version too), however even as of v22 it's still labeled as "Experimental", so might not be the right thing to lean on if Eleventy's policy is to only use native API's that are stable. Just thought I'd add it as an afterthought here since it seemed relevant.

@zachleat zachleat mentioned this issue Jun 18, 2024
Closed
@zachleat zachleat added npm-audit Security audits from npm housekeeping and removed needs-triage labels Jun 18, 2024
@zachleat
Copy link
Member

Confirmed this, filed upstream first: timkendrick/recursive-copy#44

@zachleat
Copy link
Member

Lovely visualization here of the dep graph: https://npmgraph.js.org/?q=%4011ty%2Feleventy%40canary#select=exact%3Arecursive-copy%402.0.14

@BenjaminEHowe
Copy link

BenjaminEHowe commented Jul 9, 2024
edited
Loading

Hmm -- the upstream project seems to have limited activity, and no releases for over 2 years. I think fs-extra could be used instead here... any thoughts? I suspect this would be a breaking change so perhaps best to get into v3 if it's not too late.

@zachleat zachleat added the release: canary A release on the canary channel label Jul 11, 2024
@zachleat zachleat added this to the Eleventy 3.0.0 milestone Jul 11, 2024
@zachleat zachleat mentioned this issue Jul 11, 2024
Open
@zachleat
Copy link
Member

@BenjaminEHowe I think we’ll temporarily fork this one and hopefully move to fs.cp in the next major. Looks like fs.cp is stable in Node v22.3.0: https://nodejs.org/docs/latest-v22.x/api/fs.html#fscpsrc-dest-options-callback Filed that work at #3360

@zachleat zachleat removed the on-hold label Jul 11, 2024
zachleat added a commit to 11ty/recursive-copy that referenced this issue Jul 11, 2024
@zachleat
One more audit down 11ty/eleventy#3299
3308eb4
zachleat added a commit to 11ty/recursive-copy that referenced this issue Jul 11, 2024
@zachleat
Last audits for 11ty/eleventy#3299
aca3612
zachleat added a commit that referenced this issue Jul 11, 2024
@zachleat
Fixes #3299
2908773
@zachleat
Copy link
Member

We’re now using @11ty/recursive-copy temporarily which includes the npm dependency updates required here: https://github.com/11ty/recursive-copy/

Shipping with 3.0.0-alpha.17.

@zachleat zachleat mentioned this issue Jul 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
high-priority housekeeping npm-audit Security audits from npm release: canary A release on the canary channel
Projects
None yet
Milestone
Eleventy 3.0.0
Development

No branches or pull requests
3 participants
@zachleat @BenjaminEHowe @noelforte