"npm warn deprecated" is this normal?

1 Answer 136 Views
General Discussions
Michael
Top achievements
Rank 1
Michael asked on 01 May 2025, 03:33 AM
PS C:\....\telerik\kendouiTest> npm install @progress/kendo-ui
npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated npmlog@5.0.1: This package is no longer supported.
npm warn deprecated rimraf@3.0.2: Rimraf versions prior to v4 are no longer supported
npm warn deprecated glob@7.2.3: Glob versions prior to v9 are no longer supported
npm warn deprecated are-we-there-yet@2.0.0: This package is no longer supported.
npm warn deprecated gauge@3.0.2: This package is no longer supported.

added 82 packages, and audited 86 packages in 34s

16 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities
Troy S.
Top achievements
Rank 1
commented on 02 May 2025, 10:03 PM

On a related note, how do we tell if a particular version is deprecated or not?  I tried using npm retire on kendo.web.min.js but it had no information.  I looked at several versions' Release History pages but they didn't mention active/deprecation status, e.g. Kendo UI R3 2021 (version 2021.3.914) - Kendo UI for jQuery Release History | Telerik.

1 Answer, 1 is accepted

Sort by
0
Nikolay
Telerik team
answered on 05 May 2025, 08:32 AM

Hello Michael,

Seeing warnings about deprecated packages during an npm install is quite normal. These warnings indicate that certain packages being installed are no longer maintained or supported by their authors. Here’s a breakdown of what each warning means:

 - inflight@1.0.6: This module is not supported and leaks memory. It suggests using `lru-cache` as an alternative.
 - npmlog@5.0.1: This package is no longer supported.
 - rimraf@3.0.2: Versions prior to v4 are no longer supported.
 - glob@7.2.3: Versions prior to v9 are no longer supported.
 - are-we-there-yet@2.0.0: This package is no longer supported.
 - gauge@3.0.2: This package is no longer supported.

These warnings are informational and do not necessarily prevent the installation or functioning of your project. However, it is a good practice to address them to ensure your project remains secure and up-to-date. Here are some steps you can take:

Steps to Address Deprecated Package Warnings
 - Check for Updates: Look for newer versions of the packages that are deprecated. Sometimes, the maintainers release new versions that are supported.
 - Replace Deprecated Packages: If a package is no longer maintained, consider replacing it with an alternative that offers similar functionality and is actively maintained.
 - Update Dependencies: Ensure that your project's dependencies are up-to-date. This might involve updating the package.json file and running npm update.

- Consult Documentation: Review the documentation of the deprecated packages for any migration guides or recommended alternatives.

To determine if a particular version of an npm package is deprecated, you can use several methods:

 - Using `npm outdated`.

This command shows packages that have newer versions available, but it does not specifically indicate deprecation status.

npm outdated

- Using `npm-deprecated-check`. This npm package can check if the packages in your project are deprecated and recommend alternatives.

npm install -g npm-deprecated-check
npm-deprecated-check

 - Using `npm deprecate`. 

You can check the deprecation status of a package by looking at the package's metadata. If you have a `package-lock.json` file with `lockfileVersion: 2` (npm version 7 or newer), you can use `jq` to find deprecated packages:

jq -r '.packages | to_entries[] | select(.value.deprecated != null) | "\(.key):\n\(.value.deprecated)\n"' package-lock.json

Regards,
Nikolay
Progress Telerik

Love the Telerik and Kendo UI products and believe more people should try them? Invite a fellow developer to become a Progress customer and each of you can get a $50 Amazon gift voucher.

Michael
Top achievements
Rank 1
commented on 06 May 2025, 12:12 AM

Dear Nikolay

This is the Telerik KendoUI the Jquery !!!

In an empty directory I type
npm init -y
npm install @progress/kendo-ui
And then see all these messages.

It's your 
@progress/kendo-ui that has all these, "no longer maintained or supported by their author" packages.

"However, it is a good practice to address them to ensure your project remains secure and up-to-date."
Please follow this advice and update YOUR package which we are paying money for,


Regards Michael

Nikolay
Telerik team
commented on 08 May 2025, 07:43 AM

Hi Michael,

Thank you for the feedback. I will forward it to the respective team so we can see what we can do about the warning messages.

Regards,

Nikolay

Tags
General Discussions
Asked by
Michael
Top achievements
Rank 1
Answers by
Nikolay
Telerik team
Share this question
or