Outdated packages like @oclif/*, cli-ux, koa-proxy, and some more

[davidzwa]

Hi, thank you for this nice package!

Optimization Request

I'd like to discuss the possibility of automatically upgrading packages using a Github Actions (GHA) integration like Mend Renovate. Personally I have a lot of positive experience with this approach. One requirement is that GHA does run tests to ensure that the upgraded package does not break.

Please let me know your thoughts, and share if you see alternative approaches or if the proposed path is not suitable for your repository (and what is the impediment).

Context

When installing it I was a bit suprised to notice that a lot of packages are included, among which many are also not supported anymore. From my understanding the openapicmd CLI tool has a lot of features, so from my point of view its important to keep it up-to-date.

Expected result

When installing openapi-client-axios-typegen I was confronted with the fact that it only accepted JSON input. It was throwing (unclear) errors when I programatically called it with .yaml / .yml input. Of course, that is not related to this package.
It did mention in the README of said package that openapicmd typegen was a tool for calling openapi-client-axios-typegen. However when installing openapicmd as a dev dependency, my node_modules increased by about 40 to 50 MB and I got a lot of deprecation warnings. That's a bit much for simply a yaml to json conversion.

I guess I expected there to be yaml compatibility in openapi-client-axios-typegen using ts-yaml or js-yaml. It could be true that this CLI tool does much more than that, maybe a package split is better?

Installation output

This is the output when installing the CLI tool:

Total install size (Windows): 134 MB

And this is the list of (in-)direct dependencies:

info Direct dependencies
└─ openapicmd@2.0.0-rc17
info All dependencies
├─ @ampproject/remapping@2.2.1
├─ @apidevtools/json-schema-ref-parser@9.0.6
├─ @apidevtools/openapi-schemas@2.1.0
├─ @apidevtools/swagger-methods@3.0.2
├─ @apidevtools/swagger-parser@10.1.0
├─ @babel/compat-data@7.23.2
├─ @babel/helper-compilation-targets@7.22.15
├─ @babel/helper-function-name@7.23.0
├─ @babel/helper-hoist-variables@7.22.5
├─ @babel/helper-module-imports@7.22.15
├─ @babel/helper-module-transforms@7.23.0
├─ @babel/helper-simple-access@7.22.5
├─ @babel/helper-string-parser@7.22.5
├─ @babel/helper-validator-option@7.22.15
├─ @babel/helpers@7.23.2
├─ @babel/highlight@7.22.20
├─ @babel/parser@7.23.0
├─ @babel/plugin-syntax-async-generators@7.8.4
├─ @babel/plugin-syntax-bigint@7.8.3
├─ @babel/plugin-syntax-class-properties@7.12.13
├─ @babel/plugin-syntax-import-meta@7.10.4
├─ @babel/plugin-syntax-json-strings@7.8.3
├─ @babel/plugin-syntax-jsx@7.22.5
├─ @babel/plugin-syntax-logical-assignment-operators@7.10.4
├─ @babel/plugin-syntax-nullish-coalescing-operator@7.8.3
├─ @babel/plugin-syntax-numeric-separator@7.10.4
├─ @babel/plugin-syntax-object-rest-spread@7.8.3
├─ @babel/plugin-syntax-optional-catch-binding@7.8.3
├─ @babel/plugin-syntax-optional-chaining@7.8.3
├─ @babel/plugin-syntax-top-level-await@7.14.5
├─ @babel/plugin-syntax-typescript@7.22.5
├─ @babel/template@7.22.15
├─ @bcoe/v8-coverage@0.2.3
├─ @colors/colors@1.5.0
├─ @cspotcode/source-map-support@0.8.1
├─ @exodus/schemasafe@1.3.0
├─ @isaacs/cliui@8.0.2
├─ @istanbuljs/load-nyc-config@1.1.0
├─ @jest/globals@29.7.0
├─ @jest/reporters@29.7.0
├─ @jest/source-map@29.6.3
├─ @jest/test-sequencer@29.7.0
├─ @jridgewell/gen-mapping@0.3.3
├─ @jridgewell/resolve-uri@3.1.1
├─ @jridgewell/set-array@1.1.2
├─ @koa/cors@4.0.0
├─ @nodelib/fs.scandir@2.1.5
├─ @nodelib/fs.stat@2.0.5
├─ @nodelib/fs.walk@1.2.8
├─ @npmcli/config@6.4.0
├─ @npmcli/disparity-colors@3.0.0
├─ @npmcli/git@4.1.0
├─ @npmcli/installed-package-contents@2.0.2
├─ @npmcli/metavuln-calculator@5.0.1
├─ @npmcli/package-json@4.0.1
├─ @npmcli/query@3.0.1
├─ @oclif/command@1.8.36
├─ @oclif/config@1.18.17
├─ @oclif/core@3.5.0
├─ @oclif/help@1.0.15
├─ @oclif/parser@3.8.17
├─ @oclif/plugin-help@6.0.3
├─ @oclif/plugin-plugins@3.9.3
├─ @oclif/screen@1.0.4
├─ @pkgjs/parseargs@0.11.0
├─ @sigstore/sign@1.0.0
├─ @sigstore/tuf@1.0.3
├─ @sinclair/typebox@0.27.8
├─ @sinonjs/commons@3.0.0
├─ @sinonjs/fake-timers@10.3.0
├─ @tootallnate/once@2.0.0
├─ @tsconfig/node10@1.0.9
├─ @tsconfig/node12@1.0.11
├─ @tsconfig/node14@1.0.3
├─ @tsconfig/node16@1.0.4
├─ @tufjs/canonical-json@1.0.0
├─ @tufjs/models@1.0.4
├─ @types/babel__generator@7.6.6
├─ @types/babel__template@7.4.3
├─ @types/babel__traverse@7.20.3
├─ @types/cli-progress@3.11.4
├─ @types/graceful-fs@4.1.8
├─ @types/inquirer@7.3.3
├─ @types/istanbul-lib-coverage@2.0.5
├─ @types/istanbul-lib-report@3.0.2
├─ @types/istanbul-reports@3.0.3
├─ @types/json-schema@7.0.14
├─ @types/lodash.clonedeep@4.5.8
├─ @types/lodash@4.14.200
├─ @types/stack-utils@2.0.2
├─ @types/through@0.0.32
├─ @types/yargs-parser@21.0.2
├─ @types/yargs@17.0.29
├─ abort-controller@3.0.0
├─ accepts@1.3.8
├─ acorn-walk@8.2.0
├─ acorn@8.10.0
├─ agent-base@6.0.2
├─ agentkeepalive@4.5.0
├─ aggregate-error@3.1.0
├─ ajv-draft-04@1.0.0
├─ ajv-formats@2.1.1
├─ ajv@8.12.0
├─ ansicolors@0.3.2
├─ anymatch@3.1.3
├─ archy@1.0.0
├─ are-we-there-yet@4.0.1
├─ arg@4.1.3
├─ argparse@1.0.10
├─ array-union@2.1.0
├─ asn1@0.2.6
├─ astral-regex@2.0.0
├─ async@3.2.4
├─ at-least-node@1.0.0
├─ aws-sign2@0.7.0
├─ aws4@1.12.0
├─ axios@1.5.1
├─ babel-jest@29.7.0
├─ babel-plugin-jest-hoist@29.6.3
├─ babel-preset-jest@29.6.3
├─ base64-js@1.5.1
├─ bcrypt-pbkdf@1.0.2
├─ bin-links@4.0.3
├─ binary-extensions@2.2.0
├─ braces@3.0.2
├─ browserslist@4.22.1
├─ bser@2.1.1
├─ buffer-from@1.1.2
├─ buffer@6.0.3
├─ builtins@5.0.1
├─ bytes@3.1.2
├─ cache-content-type@1.0.1
├─ call-bind@1.0.5
├─ callsites@3.1.0
├─ camelcase@6.3.0
├─ caniuse-lite@1.0.30001551
├─ caseless@0.12.0
├─ char-regex@1.0.2
├─ chardet@0.7.0
├─ chownr@2.0.0
├─ ci-info@3.9.0
├─ cidr-regex@3.1.1
├─ cjs-module-lexer@1.2.3
├─ cli-columns@4.0.0
├─ cli-cursor@3.1.0
├─ cli-table3@0.6.3
├─ cli-ux@6.0.9
├─ cli-width@3.0.0
├─ cliui@8.0.1
├─ clone@1.0.4
├─ cmd-shim@6.0.2
├─ co-body@6.1.0
├─ color-convert@2.0.1
├─ color-name@1.1.4
├─ columnify@1.6.0
├─ combined-stream@1.0.8
├─ common-ancestor-path@1.0.1
├─ common-tags@1.8.2
├─ concat-map@0.0.1
├─ content-disposition@0.5.4
├─ cookie@0.5.0
├─ copy-to@2.0.1
├─ core-util-is@1.0.2
├─ create-jest@29.7.0
├─ create-require@1.1.1
├─ cssesc@3.0.0
├─ dashdash@1.14.1
├─ dedent@1.5.1
├─ deep-equal@1.0.1
├─ deepmerge@4.3.1
├─ defaults@1.0.4
├─ define-data-property@1.1.1
├─ delayed-stream@1.0.0
├─ depd@2.0.0
├─ destroy@1.2.0
├─ detect-newline@3.1.0
├─ diff-sequences@29.6.3
├─ diff@4.0.2
├─ dir-glob@3.0.1
├─ eastasianwidth@0.2.0
├─ ecc-jsbn@0.1.2
├─ ee-first@1.1.1
├─ ejs@3.1.9
├─ electron-to-chromium@1.4.563
├─ encodeurl@1.0.2
├─ encoding@0.1.13
├─ env-paths@2.2.1
├─ err-code@2.0.3
├─ es6-promise@3.3.1
├─ escape-html@1.0.3
├─ esprima@4.0.1
├─ event-target-shim@5.0.1
├─ events@3.3.0
├─ execa@5.1.1
├─ exponential-backoff@3.1.1
├─ extend@3.0.2
├─ external-editor@3.1.0
├─ extract-stack@2.0.0
├─ extsprintf@1.3.0
├─ fast-glob@3.3.1
├─ fast-json-stable-stringify@2.1.0
├─ fast-safe-stringify@2.1.1
├─ fastest-levenshtein@1.0.16
├─ fastq@1.15.0
├─ fb-watchman@2.0.2
├─ figures@3.2.0
├─ filelist@1.0.4
├─ fill-range@7.0.1
├─ find-up@4.1.0
├─ follow-redirects@1.15.3
├─ foreground-child@3.1.1
├─ forever-agent@0.6.1
├─ form-data@4.0.0
├─ fresh@0.5.2
├─ fs.realpath@1.0.0
├─ gauge@5.0.1
├─ gensync@1.0.0-beta.2
├─ get-caller-file@2.0.5
├─ get-intrinsic@1.2.2
├─ get-port@5.1.1
├─ get-stream@6.0.1
├─ getpass@0.1.7
├─ glob-parent@5.1.2
├─ globals@11.12.0
├─ har-schema@2.0.0
├─ har-validator@5.1.5
├─ has-proto@1.0.1
├─ has-symbols@1.0.3
├─ has-tostringtag@1.0.0
├─ html-escaper@2.0.2
├─ http-assert@1.5.0
├─ http-cache-semantics@4.1.1
├─ http-call@5.3.0
├─ http-errors@1.8.1
├─ http-proxy-agent@5.0.0
├─ http-signature@1.2.0
├─ http2-client@1.3.5
├─ https-proxy-agent@5.0.1
├─ human-signals@2.1.0
├─ humanize-ms@1.2.1
├─ humanize-number@0.0.2
├─ iconv-lite@0.4.24
├─ ieee754@1.2.1
├─ ignore-walk@6.0.3
├─ ignore@5.2.4
├─ inflation@2.1.0
├─ inflight@1.0.6
├─ inherits@2.0.4
├─ ini@4.1.1
├─ init-package-json@5.0.0
├─ inquirer@7.3.3
├─ interpret@1.4.0
├─ ip-regex@4.3.0
├─ ip@2.0.0
├─ is-arrayish@0.2.1
├─ is-cidr@4.0.2
├─ is-core-module@2.13.1
├─ is-docker@2.2.1
├─ is-extglob@2.1.1
├─ is-generator-fn@2.1.0
├─ is-generator-function@1.0.10
├─ is-glob@4.0.3
├─ is-lambda@1.0.1
├─ is-number@7.0.0
├─ is-retry-allowed@1.2.0
├─ is-typedarray@1.0.0
├─ isstream@0.1.2
├─ istanbul-lib-instrument@6.0.1
├─ istanbul-lib-source-maps@4.0.1
├─ istanbul-reports@3.1.6
├─ jackspeak@2.3.6
├─ jake@10.8.7
├─ jest-changed-files@29.7.0
├─ jest-circus@29.7.0
├─ jest-cli@29.7.0
├─ jest-docblock@29.7.0
├─ jest-each@29.7.0
├─ jest-json-schema@6.1.0
├─ jest-leak-detector@29.7.0
├─ jest-pnp-resolver@1.2.3
├─ jest-resolve-dependencies@29.7.0
├─ jest@29.7.0
├─ js-tokens@4.0.0
├─ jsesc@2.5.2
├─ json-parse-better-errors@1.0.2
├─ json-schema-traverse@1.0.0
├─ json-schema@0.4.0
├─ json-stringify-nice@1.1.4
├─ json-stringify-safe@5.0.1
├─ json5@2.2.3
├─ jsonfile@4.0.0
├─ jsonparse@1.3.1
├─ jsprim@1.4.2
├─ just-diff-apply@5.5.0
├─ just-diff@6.0.2
├─ keygrip@1.1.0
├─ kleur@3.0.3
├─ klona@2.0.6
├─ koa-bodyparser@4.4.1
├─ koa-convert@2.0.0
├─ koa-logger@3.2.1
├─ koa-mount@4.0.0
├─ koa-proxy@1.0.0-alpha.3
├─ koa-router@12.0.1
├─ koa-send@5.0.1
├─ koa-static@5.0.0
├─ koa@2.14.2
├─ leven@3.1.0
├─ libnpmaccess@7.0.2
├─ libnpmdiff@5.0.20
├─ libnpmexec@6.0.4
├─ libnpmfund@4.2.1
├─ libnpmhook@9.0.3
├─ libnpmorg@5.0.4
├─ libnpmpack@5.0.20
├─ libnpmpublish@7.5.0
├─ libnpmsearch@6.0.2
├─ libnpmteam@5.0.3
├─ libnpmversion@4.0.2
├─ lines-and-columns@1.2.4
├─ load-json-file@5.3.0
├─ locate-path@5.0.0
├─ lodash.clonedeep@4.5.0
├─ lodash.merge@4.6.2
├─ lru-cache@7.18.3
├─ make-dir@4.0.0
├─ make-error@1.3.6
├─ makeerror@1.0.12
├─ media-typer@0.3.0
├─ merge2@1.4.1
├─ methods@1.1.2
├─ mime-db@1.52.0
├─ mimic-fn@2.1.0
├─ minipass-collect@1.0.2
├─ minipass-json-stream@1.0.1
├─ minipass-sized@1.0.3
├─ mkdirp@1.0.4
├─ mock-json-schema@1.1.1
├─ ms@2.1.3
├─ mute-stream@0.0.8
├─ natural-compare@1.4.0
├─ negotiator@0.6.3
├─ node-fetch@2.7.0
├─ node-gyp@9.4.0
├─ node-int64@0.4.0
├─ node-readfiles@0.2.0
├─ node-releases@2.0.13
├─ normalize-path@3.0.0
├─ npm-audit-report@5.0.0
├─ npm-bundled@3.0.0
├─ npm-install-checks@6.3.0
├─ npm-packlist@7.0.4
├─ npm-profile@7.0.1
├─ npm-user-validate@2.0.0
├─ npm@9.8.1
├─ oas-linter@3.2.2
├─ oas-validator@5.0.8
├─ oauth-sign@0.9.0
├─ object-inspect@1.13.1
├─ on-finished@2.4.1
├─ onetime@5.1.2
├─ only@0.0.2
├─ openapi-backend@5.10.5
├─ openapi-schema-validator@12.1.3
├─ openapicmd@2.0.0-rc17
├─ os-tmpdir@1.0.2
├─ p-locate@4.1.0
├─ p-try@2.2.0
├─ pacote@15.2.0
├─ parse-conflict-json@3.0.1
├─ parseurl@1.3.3
├─ passthrough-counter@1.0.0
├─ path-exists@4.0.0
├─ path-is-absolute@1.0.1
├─ path-key@3.1.1
├─ path-parse@1.0.7
├─ path-scurry@1.10.1
├─ path-to-regexp@6.2.1
├─ path-type@4.0.0
├─ pause-stream@0.0.11
├─ performance-now@2.1.0
├─ picocolors@1.0.0
├─ picomatch@2.3.1
├─ pify@4.0.1
├─ pirates@4.0.6
├─ pkg-dir@4.2.0
├─ postcss-selector-parser@6.0.13
├─ process@0.11.10
├─ promise-all-reject-late@1.0.1
├─ promise-call-limit@1.0.2
├─ promise-inflight@1.0.1
├─ prompts@2.4.2
├─ promzard@1.0.0
├─ proxy-from-env@1.1.0
├─ psl@1.9.0
├─ punycode@2.3.0
├─ pure-rand@6.0.4
├─ qrcode-terminal@0.12.0
├─ qs@6.11.2
├─ queue-microtask@1.2.3
├─ raw-body@2.5.2
├─ react-is@18.2.0
├─ read-cmd-shim@4.0.0
├─ readable-stream@4.4.2
├─ rechoir@0.6.2
├─ redeyed@2.1.1
├─ request-promise-core@1.1.4
├─ request-promise-native@1.0.9
├─ request@2.88.2
├─ require-directory@2.1.1
├─ require-from-string@2.0.2
├─ resolve-cwd@3.0.0
├─ resolve-path@1.4.0
├─ resolve.exports@2.0.2
├─ resolve@1.22.8
├─ restore-cursor@3.1.0
├─ retry@0.12.0
├─ reusify@1.0.4
├─ rimraf@3.0.2
├─ run-async@2.4.1
├─ run-parallel@1.2.0
├─ rxjs@6.6.7
├─ safe-buffer@5.2.1
├─ safer-buffer@2.1.2
├─ set-function-length@1.1.1
├─ shebang-command@2.0.0
├─ shebang-regex@3.0.0
├─ shelljs@0.8.5
├─ should-equal@2.0.0
├─ should-format@3.0.3
├─ side-channel@1.0.4
├─ sigstore@1.9.0
├─ sisteransi@1.0.5
├─ smart-buffer@4.2.0
├─ socks-proxy-agent@7.0.0
├─ socks@2.7.1
├─ source-map-support@0.5.13
├─ source-map@0.6.1
├─ spdx-correct@3.2.0
├─ spdx-exceptions@2.3.0
├─ sprintf-js@1.0.3
├─ sshpk@1.18.0
├─ statuses@1.5.0
├─ stealthy-require@1.1.1
├─ string_decoder@1.3.0
├─ string-width-cjs@4.2.3
├─ string-width@4.2.3
├─ strip-ansi-cjs@6.0.1
├─ strip-bom@3.0.0
├─ strip-final-newline@2.0.0
├─ strip-json-comments@3.1.1
├─ supports-color@8.1.1
├─ supports-preserve-symlinks-flag@1.0.0
├─ swagger-editor-dist@4.11.2
├─ swagger-ui-dist@5.9.0
├─ swagger2openapi@7.0.8
├─ test-exclude@6.0.0
├─ text-table@0.2.0
├─ through@2.3.8
├─ tiny-relative-date@1.3.0
├─ tmp@0.0.33
├─ to-fast-properties@2.0.0
├─ to-regex-range@5.0.1
├─ tough-cookie@2.5.0
├─ tr46@0.0.3
├─ ts-node@10.9.1
├─ tsscmp@1.0.6
├─ tuf-js@1.1.7
├─ tweetnacl@0.14.5
├─ type-detect@4.0.8
├─ type-fest@0.21.3
├─ undici-types@5.25.3
├─ unique-filename@3.0.0
├─ unique-slug@4.0.0
├─ unpipe@1.0.0
├─ update-browserslist-db@1.0.13
├─ util-deprecate@1.0.2
├─ uuid@3.4.0
├─ v8-compile-cache-lib@3.0.1
├─ v8-to-istanbul@9.1.3
├─ verror@1.10.0
├─ walker@1.0.8
├─ wcwidth@1.0.1
├─ webidl-conversions@3.0.1
├─ whatwg-url@5.0.0
├─ wrap-ansi-cjs@7.0.0
├─ write-file-atomic@5.0.1
├─ y18n@5.0.8
├─ yargs-parser@21.1.1
├─ yarn@1.22.19
├─ ylru@1.3.2
├─ yn@3.1.1
└─ yocto-queue@0.1.0

[anttiviljami]

Indeed. PRs welcome!

[davidzwa]

PR submitted as requested. Looking forward to hearing your thoughts

[davidzwa]

@anttiviljami could you provide me with an update on the PR?

[anttiviljami]

Replied on the PR 👍

[robogeek]

I know I'm coming a little late to the game on this. I was looking at this same issue - where do all those outdated package warnings come from - and they're all due to openapicmd using old packages. I don't have anything to add to the pull request. So, I'm expressing encouragement that a solution be found.