Installing CLI raises warnings

[drammock]

might be time to do an audit of packages.json, bump some things to newest version and see what breaks.

$ npm install -g bids-validator
npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm warn deprecated [email protected]: Glob versions prior to v9 are no longer supported

added 979 packages in 32s

115 packages are looking for funding
  run `npm fund` for details

[effigies]

Would be nice, but these are not direct dependencies. We do have a number of things that were not easily upgraded, so we've put on pause:

It would definitely be appreciated if you have time to figure out what it would take to relax these pins. That might be the source of some of these outdated indirect dependencies.

[effigies]

I should note that we're not actively developing the legacy, Node-based validator anymore. We are working on the schema validator, which is Deno-based.

[drammock]

I should note that we're not actively developing the legacy, Node-based validator anymore. We are working on the schema validator, which is Deno-based.

fair enough. In my view curating dependency pins is more "maintenance" than "active development", but 🤷🏻. To me a message like This module is not supported, and leaks memory. Do not use it seems worth making an exception. But if you disagree feel free to close as wontfix... I don't really have the time myself to futz around with dependency pins on an unfamiliar repo.

[effigies]

These specific dependencies are in the test runner's depencency tree: https://npmgraph.js.org/?q=jest

Seems that they know and the release of jest 30 should resolve it: jestjs/jest#15173