[BUG] EOL package joi used in Opensearch-dashboards #5691
Labels
technical debt
If not paid, jeapardizes long-term success and maintainability of the repository.
Comments
AMoo-Miki
added
technical debt
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Opensearch dashboards depends on a node-module joi 14.3.1 (see here )
As per this link, versions of joi<=14.3.1 have reached EOL and it is recommended to be replaced by @hapi/joi.
However, after 14.3.1, the next version available for joi after 14.3.1 is 17.x (see here).
There is slight confusion though if the new name of the package is joi or @hapi/joi.
Expected behavior
Opensearch-dashboards to not bundle dependencies/libraries that have reached EOL and aren't supported anymore.
Dashboards Version
3.0.0 (main branch of the project)
Ask:
To solve this, it would need a major version hop upgrade of joi from 14.x to 17.x (joi or @hapi/joi) in dependencies in dashboards.
Q1: Is this version upgrade already planned?
Q2: Is it feasible to do this version upgrade now? Are there any risks associated, or any architectural level changes needed with usage of this package?
Request feedback on the issue and mitigation plan for EOL issue.
The text was updated successfully, but these errors were encountered: