Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Deprecated Warning every run of the action #41

Open
flaxel opened this issue Apr 12, 2021 · 6 comments
Open

Deprecated Warning every run of the action #41

flaxel opened this issue Apr 12, 2021 · 6 comments
Assignees

Comments

@flaxel
Copy link

flaxel commented Apr 12, 2021

When the action is always running in my repository, I always get the following warnings:

[@octokit/rest] `const Octokit = require("@octokit/rest")` is deprecated. Use `const { Octokit } = require("@octokit/rest")` instead

This should be fixable by updating the dependencies in the package.json file. Is there a reason why the versions are not explicitly there, but direct files are given? Would it make sense to add a dependabot file to get security updates etc.?

@rodrigoargumedo
Copy link

I think that comes from the actions/github tar archive zip with the following file github.d.ts inside the toolkit folder. I disagree with the updating the dependencies because it can cause to potentially break functionality and add additional errors along the way. You want to unzip them before working on them.

@rodrigoargumedo
Copy link

It just requires to change that one-line from that file and use const { module } = require(module_name/class_name) code.

@flaxel
Copy link
Author

flaxel commented May 14, 2021

So the procedure would be to edit the file. I could do that over the weekend. 😄

I disagree with the updating the dependencies because it can cause to potentially break functionality and add additional errors along the way.

I would not support the statement. The new versions close security gaps and possibly allow further use of the action. To guarantee the functionality of the action, tests should be written to prevent such problems.

@utkarshsethi
Copy link

@flaxel

Hi is this resolved?

I see you closed the pr without merging

@flaxel
Copy link
Author

flaxel commented Dec 24, 2021

Oh I didn't know why I'm closing this PR. But I guess it is better to use something like a build management tool.

@ncalteen
Copy link
Collaborator

This should be taken care of by #296 :)

@ncalteen ncalteen self-assigned this Feb 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants