Ionic-cli: Missing peer dependencies when start new App (v4 beta 1)
Description:
A lot of warnings of deprecated packages, missing dependencies, during npm install. Thats a new project created with ionic start Newapp blank --type=angular:
Steps to Reproduce:
create a new project using blank template:
ionic start Newapp blank --type=angular:
Output:
Peer dependencies related to Ionic packages:
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
npm WARN @ionic/[email protected] requires a peer of @angular-devkit/[email protected] but none is installed. You must install peer dependencies yourself.
some others related to third party packages:
npm WARN deprecated [email protected]: 1.2.0 should have been a major version bump
npm WARN deprecated [email protected]: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/
npm WARN deprecated [email protected]: This project is unmaintained
npm WARN deprecated [email protected]: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
npm WARN deprecated [email protected]: stop using this version
npm WARN deprecated [email protected]: Use uuid module instead
npm WARN deprecated [email protected]: This project is unmaintained
npm WARN deprecated [email protected]: If using 2.x branch, please upgrade to at least 2.1.6 to avoid a serious bug with socket data flow and an import issue introduced in 2.1.0
found 6 vulnerabilities (1 low, 5 moderate)
run `npm audit fix` to fix them, or `npm audit` for details
My ionic info:
Ionic:
ionic (Ionic CLI) : 4.0.3 (/Users/xxxx/.nvm/versions/node/v8.11.3/lib/node_modules/ionic)
Ionic Framework : @ionic/angular 4.0.0-beta.1
@angular-devkit/core : 0.7.2
@angular-devkit/schematics : 0.7.2
@angular/cli : 6.1.2
@ionic/ng-toolkit : 1.0.2
@ionic/schematics-angular : 1.0.3
System:
NodeJS : v8.11.3 (/Users/xxx/.nvm/versions/node/v8.11.3/bin/node)
npm : 6.3.0
OS : macOS High Sierra
Other Information:
N/A
MrSparklle
All 3 comments
Thank you! The peer dependency warnings are remnants of our time in alpha. I've loosened the requirements now that things have stabilized a bit and the warnings no longer appear. 馃帀 The fix was here and here.
The issues npm audit is warning about mostly related to dependencies of karma. We will update once 3.0 comes out (see this issue). Every new Angular app right now has more than double the number of "vulnerabilities" according to npm and it's not going to be addressed in this issue.
Most of the deprecated modules are also from karma.
The deprecation/audit warnings aren't pretty, but they're a result of the absolutely _massive_ dependency tree modern JS apps deal with. The issue exists far downstream from Ionic, and affects many others outside Ionic. If you run npm audit for a detailed report, you can see the "path" of dependencies. For example, this issue about hoek is due to this dependency path: karma > log4js > loggly > request > hawk > hoek. The fix must come from hawk, then request, then loggly, then log4js, then karma before ionic start will cease to give that warning.
Thanks for the issue! Unless I'm missing something, I'll be closing it as I believe it is resolved.
imhoffd
on 7 Aug 2018
Karma 3.0 comes out. If possible, please, update.
MrSparklle
on 13 Aug 2018
imhoffd
on 13 Aug 2018
Related issues
secret4info
路
3Comments
petermetz
路
3Comments
phyr0s
路
3Comments
richardshergold
路
3Comments
Tito1337
路
3Comments
Most helpful comment
Thank you! The peer dependency warnings are remnants of our time in alpha. I've loosened the requirements now that things have stabilized a bit and the warnings no longer appear. 馃帀 The fix was here and here.
The issues
npm auditis warning about mostly related to dependencies of karma. We will update once 3.0 comes out (see this issue). Every new Angular app right now has more than double the number of "vulnerabilities" according to npm and it's not going to be addressed in this issue.Most of the deprecated modules are also from karma.
The deprecation/audit warnings aren't pretty, but they're a result of the absolutely _massive_ dependency tree modern JS apps deal with. The issue exists far downstream from Ionic, and affects many others outside Ionic. If you run
npm auditfor a detailed report, you can see the "path" of dependencies. For example, this issue about hoek is due to this dependency path:karma > log4js > loggly > request > hawk > hoek. The fix must come fromhawk, thenrequest, thenloggly, thenlog4js, thenkarmabeforeionic startwill cease to give that warning.Thanks for the issue! Unless I'm missing something, I'll be closing it as I believe it is resolved.