2019 Update of Community SDK dependencies

Question

Just trying to get set up with the Community SDK on my Mac (and miserably failing, but that is a different story). When running the&nbsp;npm install lithium-sdk -gcommand there is a never-ending list of deprecation notices about moved, unmaintained and even unsupported packages, e.g.&nbsp;npm WARN deprecated hawk@1.1.1: This module moved to @hapi/hawk. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated cryptiles@0.2.2: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated sntp@0.2.4: This module moved to @hapi/sntp. Please make sure to switch over as this distribution is no longer supported and may contain bugs and critical security issues.
npm WARN deprecated boom@0.4.2: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated hoek@0.9.1: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).&nbsp;Is there a chance to move the code base to a safer environment by updating to more modern, supported packages any time soon? I am a bit concerned to install all these outdated packages on my work machine. 😱

samr · Answer

I have no idea what this means but the dev team feel it needs to be looked at. Happy devs, happy life for me.&nbsp;🙂 🙂

robertt · Answer

Second this, as a workaround for the short term I use nvm to install Node v8.3.0 on my machines and switch to that version which should run fine.

It is a bit of a pain though having so much of it dependent on outdated packages, some security risks there.

jake_n · Answer

I also agree that is should be updated. This would make things easier if there are issues due to the availability of support for the newer version or modern packages.

I would think it as a lesser pain for both Khoros Support and us.

arnaudl · Answer

Hi Claudius&nbsp;and RobertT&nbsp; : there's a discussion going on about this and&nbsp;NickH&nbsp;should be able to tell you more about what's planned !

malcolm-m · Answer

Definitely needs some love. 2 releases since December 2017 one of which added a language pack and the other was a bug fix for the first release.

Forum Discussion

2019 Update of Community SDK dependencies

Related Content

Re: Khoros Cookies Datasheet (Community, Care, Marketing, CX Insights, Khoros Bot)

About Aurora community languages

Audit Read, Update, and Delete (CRUD) actions

Re: Update an idea’s status

Real-time Community Firehose

Recent Discussions

Using LiQL or SQL on Aurora instead of GraphQL?

Dynamic Values in custom fields into Aurora

Usage report

Where are the Dev Docs?

Boosting a User