The `punycode` module is deprecated. Please use a userland alternative instead.
baditaflorin opened this issue · 5 comments
node:41352) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
at node:punycode:3:9
at BuiltinModule.compileForInternalLoader (node:internal/bootstrap/realm:398:7)
at BuiltinModule.compileForPublicLoader (node:internal/bootstrap/realm:337:10)
at loadBuiltinModule (node:internal/modules/helpers:113:7)
at Module._load (node:internal/modules/cjs/loader:1053:17)
at Module.require (node:internal/modules/cjs/loader:1290:19)
at require (node:internal/modules/helpers:188:18)
at Object.<anonymous> ([...]/node_modules/node-geocoder/node_modules/whatwg-url/lib/url-state-machine.js:2:18)
at Module._compile (node:internal/modules/cjs/loader:1455:14)
at Module._extensions..js (node:internal/modules/cjs/loader:1534:10)
at Module.load (node:internal/modules/cjs/loader:1265:32)
at Module._load (node:internal/modules/cjs/loader:1081:12)
at Module.require (node:internal/modules/cjs/loader:1290:19)
at require (node:internal/modules/helpers:188:18)
at Object.<anonymous> ([...]/node_modules/node-geocoder/node_modules/whatwg-url/lib/URL-impl.js:2:13)
at Module._compile (node:internal/modules/cjs/loader:1455:14)
➜ git:(main) ✗ npm install node-geocoder@latest
up to date, audited 229 packages in 2s
35 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
Looking at the package lock I see that nide-geocoder it's using node fetch 2.7.0 when the latest version is 3.3.2
The old version 2.7 of node fetch requires a antiquated version 5 of "whatwg-url": "^5.0.0"
When the latest version of "whatwg-url": is 14
"node_modules/node-geocoder/node_modules/node-fetch": {
"version": "2.7.0",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz",
"integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==",
"dependencies": {
"whatwg-url": "^5.0.0"
},
"engines": {
"node": "4.x || >=6.0.0"
},
"peerDependencies": {
"encoding": "^0.1.0"
},
"peerDependenciesMeta": {
"encoding": {
"optional": true
}
}
},
I can confirm that if I change the package-lock.json to have the whatwg-url version to be exactly 14.0.0 the code works.
But this it's not sustainable as I want to run the script from a pipeline and the user should be able to just npm install and everything should work, so this requires that the package version be updated from you guys.
If not I need to do this ugly stept that would not allow me to easaly integrate this into some open terraform configuration that just does a npm install and things work
"node_modules/node-geocoder/node_modules/node-fetch": {
"version": "2.7.0",
"resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz",
"integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==",
"dependencies": {
"whatwg-url": "14.0.0"
},
"engines": {
"node": "4.x || >=6.0.0"
},
"peerDependencies": {
"encoding": "^0.1.0"
},
"peerDependenciesMeta": {
"encoding": {
"optional": true
}
}
},
Macos latest os
node -v
v22.0.0
➜ git:(main) ✗ npm -v
10.5.1
Hi @baditaflorin thanks for reporting this I think we probably can switch to use the native fetch module of nodejs here.