npm warn deprecated inflight@1.0.6
HamzaMeneceur opened this issue · 4 comments
Issue with bcrypt and inflight@1.0.6
I received an npm warning regarding the use of inflight@1.0.6 as a sub-dependency of bcrypt, indicating that this module is deprecated, unsupported, and has memory leaks. Here's the complete warning message:
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
Dependencies Structure
dependencies
- bcrypt: ^5.1.1
- cors: ^2.8.5
- debug: ^4.3.5
- dotenv: ^16.4.5
- express: ^4.19.2
- express-rate-limit: ^7.3.1
- helmet: ^7.1.0
- joi: ^17.13.1
- jsonwebtoken: ^9.0.2
- pg: ^8.12.0
- winston: ^3.13.0
- xss: ^1.0.15
devDependencies
- @types/express: ^4.17.21
- @types/node: ^20.14.2
- @types/pg: ^8.11.6
- nodemon: ^3.1.3
- rimraf: ^5.0.7
- typescript: ^5.4.5
Problem Details
I want to avoid using inflight@1.0.6 due to its known issues and npm's warning. Currently, I'm using Node.js version v20.14 and Ubuntu.
Steps Taken
- Checked existing issues, including closed ones, to see if this problem has been reported before.
- Installed all required dependencies as specified in the project's readme file.
- Checked npm error logs to identify any lines indicating failures, usually related to incorrect dependencies needed to build the native module.
Additional Information
- Node.js Version: v20.14
- Operating System: Ubuntu
Any assistance in resolving this issue would be greatly appreciated. Thank you!
P.S. I understand the importance of providing detailed information to facilitate issue resolution. I aim to avoid having my issue closed without a resolution, which can happen when insufficient information is provided.
Facing same issue
"npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful."
What I found at stackoverflow:
If you dig into package-lock.json, you can see that this is because vite is using the @typescript-eslint package, which require an outdated version of eslint, which in turn use an outdated version of file-entry-cache, which use an outdated version of flat-cache, which use an outdated version of rimraf, which use an outdated version of glob, which use inflight@1.0.6.
Unfortunately you have to wait for @typescript-eslint to release a new version that use eslint 9 to get rid of this warning.
Certainly! Thank you for your input on this issue.
I've decided to explore an alternative approach using a different package, and I'd like to close the issue now.
I appreciate your valuable assistance!
Kindly, What is the alternative you have settled for?