Deprecated packages used by npm-check-update

[crystalfp]

• I have searched for similar issues
• I am using the latest version of npm-check-updates
• I am using node >= 10.17

---

Steps to Reproduce

Moved to node version 15.5.1 on Linux.
ncu -u Said an update is available for npm-check-updates from 7.0.1 to 10.2.5 so I upgraded:
npm i -g npm-check-updates This shows two deprecations warnings (see below). These warnings were present also in old versions of ncu.

Current Behavior

The above upgrade command shows two deprecation warnings:

npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142

added 294 packages, and audited 295 packages in 10s

22 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities

Expected Behavior

It is not a blocking bug, but I expect no warning after a major version upgrade.
Thanks for looking!
mario

[raineorshine]

Hi! The outdated dependency belongs to node-gyp and can be tracked in nodejs/node-gyp#2047. Considering the widespread use of node-gyp across the node ecosystem, I imagine this is affecting many projects.

Here's the relevant dependency tree in npm-check-updates:

$ npm ls request
[email protected] /Users/raine/projects/npm-check-updates
└─┬ [email protected]
  └─┬ @npmcli/[email protected]
    └─┬ [email protected]
      └── [email protected]

har-validator is a dependency of request

I'm going to mark this a dependency bug and close. Thanks!

[crystalfp]

OK, raised again the issue in nodejs/node-gyp/2047