[opensuse] node-red, node.js, npm deprecated?
I decided to play with node-red. I have no experience with it or with node.js or with docker. I gathered that the best way to install it was to install the other components from the openSUSE repositories, including npm, and then install node-red using npm. When I did, I got a bunch of warnings about deprecated modules/components/whatever (I don't know the correct terminology). Since I've no idea what I'm doing, I have no idea whether they matter, or how to fix them if they do. So I'm hoping that somebody on here is more familiar with this stuff than I am and can tell me whether I need to worry. This is the npm output: # npm install -g --unsafe-perm node-red npm WARN deprecated mailparser@0.6.2: Mailparser versions older than v2.3.0 are deprecated npm WARN deprecated nodemailer@1.11.0: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/ npm WARN deprecated mimelib@0.3.1: This project is unmaintained npm WARN deprecated mailcomposer@2.1.0: This project is unmaintained npm WARN deprecated buildmail@2.0.0: This project is unmaintained /usr/local/bin/node-red -> /usr/local/lib/node_modules/node-red/red.js /usr/local/bin/node-red-pi -> /usr/local/lib/node_modules/node-red/bin/node-red-pi
bcrypt@2.0.1 install /usr/local/lib/node_modules/node-red/node_modules/bcrypt node-pre-gyp install --fallback-to-build
[bcrypt] Success: "/usr/local/lib/node_modules/node-red/node_modules/bcrypt/lib/binding/bcrypt_lib.node" is installed via remote + node-red@0.19.5 added 396 packages in 45.807s -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sat, 5 Jan 2019 23:07:23 +0000 Dave Howorth <dave@howorth.org.uk> wrote:
I decided to play with node-red. I have no experience with it or with node.js or with docker. I gathered that the best way to install it was to install the other components from the openSUSE repositories, including npm, and then install node-red using npm.
When I did, I got a bunch of warnings about deprecated modules/components/whatever (I don't know the correct terminology). Since I've no idea what I'm doing, I have no idea whether they matter, or how to fix them if they do. So I'm hoping that somebody on here is more familiar with this stuff than I am and can tell me whether I need to worry.
Just FYI. I posted a similar question to the node-red forum and was quickly answered 'nothing to worry about'. Apparently it's an artefact of continuing to support an old version of node.js (v4) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sun, 6 Jan 2019 12:32:53 +0000 Dave Howorth <dave@howorth.org.uk> wrote:
On Sat, 5 Jan 2019 23:07:23 +0000 Dave Howorth <dave@howorth.org.uk> wrote:
... I gathered that the best way to install it was to install the other components from the openSUSE repositories, including npm
So I've been playing and now have another question. https://docs.npmjs.com/downloading-and-installing-node-js-and-npm says npm should preferably be installed using a node version manager, to avoid permission problems. But the openSUSE package installs it so that it uses /usr/local/lib as its base directory, which does indeed lead to permissions problems (the need to run as root to use the -g option on npm) So does anybody use npm on openSUSE? What's the best way to resolve this? Is there a rationale for the openSUSE packaging choice published somewhere? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 01/08/2019 05:33 PM, Dave Howorth wrote:
On Sun, 6 Jan 2019 12:32:53 +0000 Dave Howorth <dave@howorth.org.uk> wrote:
On Sat, 5 Jan 2019 23:07:23 +0000 Dave Howorth <dave@howorth.org.uk> wrote:
... I gathered that the best way to install it was to install the other components from the openSUSE repositories, including npm
So I've been playing and now have another question.
https://docs.npmjs.com/downloading-and-installing-node-js-and-npm says npm should preferably be installed using a node version manager, to avoid permission problems.
But the openSUSE package installs it so that it uses /usr/local/lib as its base directory, which does indeed lead to permissions problems (the need to run as root to use the -g option on npm)
So does anybody use npm on openSUSE? What's the best way to resolve this? Is there a rationale for the openSUSE packaging choice published somewhere?
Sorry Dave, I can't help you with the permissions issue, but be aware of vulnerabilities with node.js and friends such as: https://www.cvedetails.com/vulnerability-list/vendor_id-12113/product_id-307... (which seem to pop up on a fairly regular basis with the package) I know you use good practices, but I can recall several articles of late where that alone wouldn't save you with node.js. -- David C. Rankin, J.D.,P.E. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (2)
-
Dave Howorth -
David C. Rankin