Hi team!
Using polkadot/api in Node.js v22 triggers the following deprecation warning:
(node:70238) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
This warning appears to be surfacing primarily through the nock dependency node_modules/nock/lib/scope.js
While it is currently just a console warning, the legacy URL API has known parsing inconsistencies that could lead to security issues.
Could we update the dependency tree or migrate to the WHATWG URL API to resolve this and ensure better security?
Environment:
- Node.js: v22.22.2
- @polkadot/api: v16.2.2
Thanks!
Hi team!
Using
polkadot/apiin Node.js v22 triggers the following deprecation warning:(node:70238) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.This warning appears to be surfacing primarily through the nock dependency
node_modules/nock/lib/scope.jsWhile it is currently just a console warning, the legacy URL API has known parsing inconsistencies that could lead to security issues.
Could we update the dependency tree or migrate to the WHATWG URL API to resolve this and ensure better security?
Environment:
Thanks!