punycode is deprecated in npm - what should I replace it with?

Asked 13/8, 2021 at 14:58 Answered 17/7 at 3:16

Solved node.js angular npm yarnpkg punycode

I'm using the npm module punycode in my Angular project. VsCode tells me it's deprecated and https://nodejs.org/api/punycode.html#punycode_punycode confirms:

The version of the punycode module bundled in Node.js is being deprecated. In a future major version of Node.js this module will be removed. Users currently depending on the punycode module should switch to using the userland-provided Punycode.js module instead.

The suggestion is to switch to the 'userland-provided' module. What is that?

There is a link to https://github.com/mathiasbynens/punycode.js and I tried including that in my package.json instead of 'punycode' and I get the same error.

Tohubohu answered 13/8, 2021 at 14:58 Comment(7)

Did you import the module as instructed in the readme: const punycode = require('punycode/');? – Bossism 13/8, 2021 at 15:38

I think that is for node.js, as it's Angulare we're just using the es6 imports, not the commonJs node ones – Tohubohu 13/8, 2021 at 15:40

It is just to change from where it is resolved. You have to force the import to come from local (node_modules etc.) rather than from node.js libraries. Try import punycode from "punycode/"; for example. – Bossism 13/8, 2021 at 15:43

I have done this, and changed the usages for (for example) toUnicode to punycode.toUnicode() which does "suppress" the deprecation error, but I'm not sure as there is no type knowledge (toUnicode is 'any'), so I will need to check this further and see. Thanks though. – Tohubohu 13/8, 2021 at 16:10

"punycode is deprecated in npm" -- nitpick: punycode is deprecated in node, not in npm – Waynant 15/2 at 11:40

select an answer if you find and solution. – Cottony 9/4 at 9:29

If using Arch or Manjaro do sudo pacman -S nodejs-lts-iron for v20.14.0 LTS version, refer here. Also, say yes for Remove nodejs? [y/N] y when installing. – Isotone 12/6 at 18:46

Recently I faced this same issue.

I highly recommend you use the LTS(long term support) version of the node.

You can validate the version here: https://nodejs.org/en

when I'm writing this answer the node LTS version is 20.10.0

so then in your command line you should perform:

$nvm install 20.10.0
$nvm use 20.10.0

This solves the problem, because makes you use the most tested and approved version.

If I use the version with latest features (actually 21.5.0) I will face the problem reported here. There is an issue open in github to solve it by the way.

You can see more details here: https://github.com/yarnpkg/yarn/issues/9005

Richman answered 30/12, 2023 at 23:5 Comment(5)

"downgrade node" is not a future-proof solution. yarn and pngwin solve this by using punycode from NPM: const punycode = require('punycode/'); – Waynant 15/2 at 11:39

use always long term support version. my problem solved – Calcariferous 15/3 at 20:3

I'm using node v21.7.1 how can I resolve it – Mastat 21/4 at 8:57

I executed these exact commands, but I still get $node -v \ v21.3.0 – Hysteria 21/5 at 21:10

@MUHAMMADSHAHIDRAFICP Once you start using v22 when it becomes LTS in October, you'll likely start seeing this issue unless the libraries using punycode have switched over. It'll still be deprecated – Trine 5/6 at 5:46

Refer to this GitHub issue

In my case, despite not using punycode directly in my codebase, Nodemailer relies on it. To address this, I implemented a custom script, as detailed in the linked GitHub issue.

If your situation differs, you may need to identify which library is utilizing punycode and apply a similar workaround until an official fix is released. Feel free to share a test case publicly, and I'd be happy to assist you further.

Zolner answered 6/12, 2023 at 0:18 Comment(0)

While punycode is deprecated, you can still use it at least for now and bear with the warning. However, to prepare for its future removal, it's still good practice to figure out where it is used and address it before it is removed. It's better to be safe than sorry later.

Trace down where punycode is used by passing --trace-deprecation option to node. If it's triggered by npx, run npx with ----node-options --trace-deprecation.
Address the code that triggers the warning.
- If this is your own code, replace punycode with alternatives.
- If this is a dependency, contact the maintainer of the dependency. Chances are the dependency may be unmaintained if the warning has been left for a long time. If this is the case, it's better replacing the dependency.

Quesnay answered 7/5 at 6:4 Comment(0)

From my experience, this solution with ('punycode/') - does not work. It doesn't seem to have any problems with any LTS version, but on anything 21.^ and above - unfortunately not a single hack I've seen - does NOT work (so far). I tried the final LTS version (v20.11.0) this morning and it works.

Veilleux answered 26/1 at 9:10 Comment(0)

I also got the message:

(node:14220) [DEP0040] DeprecationWarning: The punycode module is deprecated. Please use a userland alternative instead.

I solved it by running npm update ajv.

AJV stands for Another JSON Schema Validator.

Quarto answered 2/2 at 20:48 Comment(1)

The change that removed the punycode dependency in ajv was reverted a few weeks ago so this may not work/might stop working. – Cutright 10/7 at 15:40

Frequently, usage of the punycode module was simply for conversion of a domain name to ASCII, e.g., when MIME-encoding an address.

Yes, the module does a lot more, but commonly, you're just using the toASCII() function, handing it a domain name. For that, this deprecation, confusion over the magic trailing slash, further confusion when using ESM imports, all ends up being a bit complicated.

If that's the case, then the domainToASCII() function in the node:url package might be a simpler way to get your desired result.

Contradictory answered 17/2 at 23:8 Comment(0)

Fixed

As Mentioned at NPM

https://www.npmjs.com/package/punycode#installation

First

Throw VSC Search Bar

You Must Press 3 Points at Right Bottom AND Select ./node_modules IN 'files to include' Text Box

OR Right Click ON node_modules Folder and Select 'Find On Folder'

THEN You Can Replace ALL

require("punycode"); WITH require("punycode/");

AND All Ones with Single Quotes Too

require('punycode'); WITH require('punycode/');

Moratorium answered 12/6 at 9:44 Comment(0)

Step1:

Use npm ls punycode to find the dependencies that is using punycode.

In my case, that is ajv, which is from typescript-eslint/parser

from node_modules/@typescript-eslint/parser
  └─┬ [email protected]
    └─┬ [email protected]
      └── [email protected]

When I look into ajv and found it's resolved in newer version, I override the version of ajv by editing package.json

  "overrides": {
    "ajv": "^8.17.1"
  }

npm ls punycode says there is no dependence anymore. But in my case, when running the app again, the warning is still there.

Step2

By add --trace-deprecation the compile script, we found other dependencies that is still using punycode

"scripts": {
    "compile": "tsc && node --trace-deprecation dist/src/app.js",
}

And found whatwg-url is the one that is using punycode.

└─┬ @google-cloud/[email protected]
  └─┬ [email protected]
    └─┬ [email protected]
      └─┬ [email protected]
        └─┬ [email protected]
          └── [email protected]

When looking into whatwg-url, the newer version also address the issue.

We update package.json again

  "overrides": {
    "ajv": "^8.17.1",
    "whatwg-url": "^14.0.0"
  }

No warning anymore :)

Arianaariane answered 17/7 at 3:16 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Step1:

Step2

Recommended topics

Hot tags