Remove inflight deprecation warnings via npm overrides

[Copilot]

The [email protected] package triggers deprecation warnings about memory leaks during npm install. It's a transitive dependency pulled in through older [email protected] versions used by various dev dependencies.

Changes

Added npm overrides section to package.json:

"overrides": {
  "glob": "^10.3.10",
  "inflight": "npm:noop-package@^1.0.0"
}

• Forces all transitive dependencies to use [email protected], which doesn't depend on inflight
• Replaces any remaining inflight references with a no-op package
• Updated package-lock.json reflects the overridden dependency tree

Result

• Eliminates inflight deprecation warnings during installation
• Removes memory leak vulnerability from dependency tree
• Maintains backward compatibility (glob 10.x is compatible with 7.x consumers)

Original prompt

Problem

The project is showing npm deprecation warnings for [email protected]:

npm warn deprecated [email protected]: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.

The inflight package is a transitive dependency that comes through older versions of the glob package (v7.x and earlier), which is used by several dev dependencies including @electron/asar, @ionic/v1-toolkit, and other packages.

Solution

Implement npm package overrides in package.json to force the use of newer versions of glob (v10.x) that don't depend on inflight, and replace any remaining inflight usage with a no-op package.

Required Changes

1. Add an overrides section to package.json with the following:

   "overrides": {
     "glob": "^10.3.10",
     "inflight": "npm:noop-package@^1.0.0"
   }

2. The overrides will:

   • Force all transitive dependencies to use glob v10.x instead of older v7.x versions
   • Replace inflight with a lightweight no-op package to avoid the memory leak
   • Maintain compatibility with existing functionality since newer glob versions are backward compatible

3. After implementing the changes:

   • Run npm install to regenerate package-lock.json with the overridden dependencies
   • The deprecation warning should no longer appear

Expected Outcome

• No more deprecation warnings for inflight
• Memory leak vulnerability eliminated
• All dependencies continue to function normally with the newer glob version
• package-lock.json will be updated to reflect the overridden dependencies

Testing Recommendations

After merging:

1. Run npm install to ensure clean installation
2. Test Electron builds: npm run electron
3. Test distribution builds for all platforms
4. Verify Gulp tasks still work correctly
5. Confirm no new deprecation warnings appear

This pull request was created from Copilot chat.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.