@adobe/aio-cli — Deprecation Warning Analysis
Warnings:
❯ npm install -g @adobe/aio-cli
npm warn Unknown user config "always-auth" (//artifactory-no1.corp.adobe.com/artifactory/api/npm/npm-wxp-dev/:always-auth). This will stop working in the next major version of npm.
npm warn deprecated [email protected]: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm warn deprecated [email protected]: This functionality has been moved to @npmcli/fs
npm warn deprecated @npmcli/[email protected]: This functionality has been moved to @npmcli/fs
npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated [email protected]: This package is no longer supported. Please use @npmcli/package-json instead.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated @npmcli/[email protected]: This functionality has been moved to @npmcli/fs
npm warn deprecated @npmcli/[email protected]: This functionality has been moved to @npmcli/fs
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: Old versions of tar are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: uuid@10 and below is no longer supported. For ESM codebases, update to uuid@latest. For CommonJS codebases, use uuid@11 (but be aware this version will likely be deprecated in 2028).
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting [email protected]
added 1955 packages, and changed 1 package in 1m
321 packages are looking for funding
run `npm fund` for details
Key Finding: overrides Won't Help End Users
The overrides field in package.json (which already sets rimraf: ^5 and tar: ^7)
only applies when the package is the root project (i.e., local dev installs).
When users run npm install -g @adobe/aio-cli, npm ignores these overrides entirely.
This is why users still see rimraf@2/3 warnings despite the override being present.
Root Causes by Source
| Old dependency in plugin-app |
Deprecated packages it brings in |
yeoman-environment@^3.2.0 |
npmlog@5, are-we-there-yet@2, gauge@3, readdir-scoped-modules, debuglog, @npmcli/arborist@4, @npmcli/move-file@1 |
archiver@^5.3.1 |
archiver-utils@2/3 → glob@7, inflight |
unzipper@^0.10.11 |
fstream@1 → rimraf@2 |
Their transitive node-gyp@8/9 additionally brings in: npmlog@6, are-we-there-yet@3,
gauge@4, @npmcli/move-file@2, glob@8
archiver@6 → archiver-utils@4 → glob@8
- Pins
uuid@^8.3.0 directly — even the latest v4.x does this
jest-junit@16 (devDep only — does not affect end users)
What Can Be Fixed in This Repo
Very little — the deprecated packages all originate in plugin repos:
jest-junit@17 — upgrading won't help; it still depends on uuid@^14 per its manifest
[email protected] — comes from [email protected] (direct devDep); no rimraf@6+ exists yet that uses glob@11
What Needs to Be Fixed in Plugin / Lib Repos
| Repo & change |
Warnings eliminated |
@adobe/aio-cli-plugin-app: yeoman-environment@^3 → ^4 |
npmlog@5, are-we-there-yet@2, gauge@3, readdir-scoped-modules, debuglog, @npmcli/arborist@4, @npmcli/move-file@1 |
@adobe/aio-cli-plugin-app: archiver@^5 → ^7 |
glob@7, inflight |
@adobe/aio-cli-plugin-app: unzipper@^0.10 → ^0.12+ or replace with fflate |
fstream, rimraf@2 |
@adobe/aio-cli-plugin-app-dev: archiver@^6 → ^7 |
glob@8 (via archiver-utils@4) |
@adobe/aio-lib-state: update @azure/cosmos once they drop uuid@8 |
uuid@8 |
Priority: Upgrading yeoman-environment@3 → 4 in plugin-app alone would
eliminate roughly half of all warnings. The archiver and unzipper upgrades
cover most of the rest.
@adobe/aio-cli— Deprecation Warning AnalysisWarnings:
Key Finding:
overridesWon't Help End UsersThe
overridesfield inpackage.json(which already setsrimraf: ^5andtar: ^7)only applies when the package is the root project (i.e., local dev installs).
When users run
npm install -g @adobe/aio-cli, npm ignores these overrides entirely.This is why users still see rimraf@2/3 warnings despite the override being present.
Root Causes by Source
@adobe/[email protected]— main culprityeoman-environment@^3.2.0npmlog@5,are-we-there-yet@2,gauge@3,readdir-scoped-modules,debuglog,@npmcli/arborist@4,@npmcli/move-file@1archiver@^5.3.1archiver-utils@2/3→glob@7,inflightunzipper@^0.10.11fstream@1→rimraf@2Their transitive
node-gyp@8/9additionally brings in:npmlog@6,are-we-there-yet@3,gauge@4,@npmcli/move-file@2,glob@8@adobe/[email protected]archiver@6→archiver-utils@4→glob@8@adobe/aio-lib-state→@azure/[email protected]uuid@^8.3.0directly — even the latest v4.x does thisjest-junit@16(devDep only — does not affect end users)uuid@8What Can Be Fixed in This Repo
Very little — the deprecated packages all originate in plugin repos:
jest-junit@17— upgrading won't help; it still depends onuuid@^14per its manifest[email protected]— comes from[email protected](direct devDep); no rimraf@6+ exists yet that uses glob@11What Needs to Be Fixed in Plugin / Lib Repos
@adobe/aio-cli-plugin-app:yeoman-environment@^3→^4npmlog@5,are-we-there-yet@2,gauge@3,readdir-scoped-modules,debuglog,@npmcli/arborist@4,@npmcli/move-file@1@adobe/aio-cli-plugin-app:archiver@^5→^7glob@7,inflight@adobe/aio-cli-plugin-app:unzipper@^0.10→^0.12+ or replace withfflatefstream,rimraf@2@adobe/aio-cli-plugin-app-dev:archiver@^6→^7glob@8(via archiver-utils@4)@adobe/aio-lib-state: update@azure/cosmosonce they drop uuid@8uuid@8