-
Bug
-
Resolution: Fixed
-
Low
-
Minor
-
Pre-deployment testing
-
M
Issue Summary
When installing Forge CLI with npm install -g @forge/cli many npm warnings are returned.
Steps to Reproduce
- Run npm install -g @forge/cli
Expected Results
Forge installs with no warnings.
Actual Results
The below exception is thrown in the console:
$ npm install -g @forge/cli
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated gar@1.0.4: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm warn deprecated lodash.pick@4.4.0: This package is deprecated. Use destructuring assignment syntax instead.
npm warn deprecated npmlog@4.1.2: This package is no longer supported.
npm warn deprecated lodash.isequal@4.5.0: This package is deprecated. Use require('node:util').isDeepStrictEqual instead.
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated are-we-there-yet@1.1.7: This package is no longer supported.
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm warn deprecated gauge@2.7.4: This package is no longer supported.
npm warn deprecated memfs@3.6.0: this will be v4changed 892 packages in 22s151 packages are looking for funding
run `npm fund` for details
Workaround
Currently there is no known workaround for this behavior. A workaround will be added here when available
- relates to
-
DEPLOY-359 Failed to load
| Form Name | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
[ECO-712] Installing Forge CLI results in many npm warnings
| Resolution | New: Fixed [ 1 ] | |
| Status | Original: Waiting for Release [ 12075 ] | New: Closed [ 6 ] |
This has now been fixed, see the CHANGELOG here: https://developer.atlassian.com/platform/forge/changelog/#CHANGE-2701
| Status | Original: In Progress [ 3 ] | New: Waiting for Release [ 12075 ] |
| Workflow | Original: JAC Bug Workflow v3 [ 4512198 ] | New: JAC Bug Workflow v4 [ 4567202 ] |
| Status | Original: Short Term Backlog [ 12074 ] | New: In Progress [ 3 ] |
The ticket description left out the part about vulnerable dependencies, which is the other half of the problem here.
27 vulnerabilities (3 low, 3 moderate, 19 high, 2 critical)
| Assignee | New: Angelina Ignatova [ cf6d969a1067 ] |
| Remote Link | Original: This issue links to "DEPLOY-359 (Jira)" [ 995547 ] | New: This issue links to "DEPLOY-359 (Ecosystem Platform)" [ 995547 ] |
| Development Effort | New: M [ 13032 ] | |
| Preventable by | New: Pre-deployment testing [ 19131 ] | |
| Status | Original: Needs Triage [ 10030 ] | New: Short Term Backlog [ 12074 ] |
Per Dan's comment above, although the deprecations are now gone, I am still seeing vulnerabilities on install: