onury/docma

update deprecated dependencies (or mark this tool itself as deprecated?)

Pomax opened this issue · 0 comments

Pomax commented

Running npm i docma yields:

npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated chokidar@1.5.2: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.

Which makes sense, it's been years since docma itself got an update, but these are dangerous issues, where some of the dependencies have been disavowed by the original authors so... can those be replaced by still maintained dependencies? Or, can this tool itself be marked as deprecated? (run npm deprecate as owner and NPM takes care of the rest)