npm installation of newman-reporter-htmlextra shows that many packages are deprecated

[yyahav]

Is There An Existing Issue

• I have searched the issue tracker for similar problems.

What Are You Seeing

When trying to install newman-reporter-htmlextra with npm I get the following output:

npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated [email protected]: Removed event-stream from gulp-header
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.

changed 307 packages, and audited 308 packages in 14s

8 packages are looking for funding
  run 'npm fund' for details

found 0 vulnerabilities

Although it seems that currently there are no vulnerabilities, the security team in my organization might insist on updated versions of these packages. That should be best practice anyhow.

Steps To Reproduce The Issue

run the following command:
npm install -g newman-reporter-htmlextra

Full Newman Command Or Node Script

newman not yet running (installing newman with npm also shows depcrecations but that's not related)

HTMLEXTRA Version

1.22.11

Newman Version

5.3.2

Additional Context

No response

[github-actions]

Hey @yyahav: 👋 - Thanks for helping to make the reporter better by raising this ticket. I will take a look as soon as I can and get back to you. Cheers, Danny.

[DannyDainton]

Hey,

These are 3rd party dependencies in packages that I'm using in the project for various things - I don't have a say when these will/will not get updated.

This is an open-source reporter, I maintain it as best I can alongside my actual day job but I am not bound to the rules set by your organisation. If you're using this free reporter within your company, then that needs to done with the caveat that packages will get out of date at times.

I always try and make sure things are keeps are up to date as I can but this is also just a side project for me.

[yyahav]

Hi @DannyDainton
First of all thank you so much for this great tool, I know it's a side project and it's very appreciated :)

I understand the limitations of using an open source tool in our enterprise, and as such I wanted to raise this issue so maybe it could be resolved, but I understand that these are 3rd party packages so it might take some time to be updated, if ever.

In any case, currently there are no vulnerabilities, so it should be ok.

Thank you for the support!

[yyahav]

Closed as not planned...

[github-actions]

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.