amplify-js: uuid package out of date may cause problems with random numbers
Before opening, please confirm:
- I have searched for duplicate or closed issues and discussions.
- I have read the guide for submitting bug reports.
- I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
React, Next.js
Amplify APIs
Authentication
Amplify Categories
auth
Environment information
# Put output below this line
System:
OS: macOS 11.3.1
CPU: (4) x64 Intel(R) Core(TM) i5-7360U CPU @ 2.30GHz
Memory: 49.06 MB / 8.00 GB
Shell: 3.2.57 - /bin/bash
Binaries:
Node: 15.7.0 - /usr/local/bin/node
Yarn: 1.22.10 - /usr/local/bin/yarn
npm: 7.4.3 - /usr/local/bin/npm
Browsers:
Chrome: 91.0.4472.106
Safari: 14.1
npmPackages:
@ampproject/toolbox-optimizer: undefined ()
@aws-amplify/ui-components: ^1.3.1 => 1.4.0
@aws-amplify/ui-react: ^1.2.0 => 1.2.2
@babel/core: undefined ()
@babel/eslint-parser: ^7.12.1 => 7.14.5
@babel/eslint-plugin: ^7.12.13 => 7.14.5
@babel/plugin-transform-react-jsx: ^7.10.4 => 7.14.5
@babel/preset-env: ^7.10.4 => 7.14.5
@babel/preset-react: ^7.10.4 => 7.14.5
@fullstory/babel-plugin-annotate-react: ^2.1.0 => 2.1.2
@fullstory/browser: ^1.4.9 => 1.4.9
@lambdatest/node-tunnel: ^3.0.0 => 3.0.1
@material-ui/core: ^4.11.0 => 4.11.4
@material-ui/icons: ^4.9.1 => 4.11.2
@material-ui/lab: ^4.0.0-alpha.56 => 4.0.0-alpha.58
@material-ui/pickers: ^4.0.0-alpha.12 => 4.0.0-alpha.12 (3.2.2)
@material-ui/pickers-adapter-date-fns: undefined ()
@material-ui/pickers-adapter-dayjs: undefined ()
@material-ui/pickers-adapter-luxon: undefined ()
@material-ui/pickers-adapter-moment: undefined ()
@reduxjs/toolkit: ^1.6.0 => 1.6.0
@reduxjs/toolkit-query: 1.0.0
@reduxjs/toolkit-query-react: 1.0.0
@sentry/fullstory: ^1.1.5 => 1.1.5
@sentry/nextjs: ^6.7.0 => 6.7.1
@testing-library/jest-dom: 4.2.4 => 4.2.4
@testing-library/react: ^11.2.5 => 11.2.7
@testing-library/react-hooks: ^5.0.3 => 5.1.3
@types/jest: ^26.0.5 => 26.0.23
@types/material-ui: ^0.21.8 => 0.21.8
@types/node: ^14.14.33 => 14.17.3 (15.12.2, 11.15.54)
@types/react: ^17.0.2 => 17.0.11
@types/react-dom: ^17.0.2 => 17.0.7
@typescript-eslint/eslint-plugin: ^4.14.2 => 4.27.0
@typescript-eslint/parser: ^4.14.2 => 4.27.0
@wojtekmaj/enzyme-adapter-react-17: ^0.4.1 => 0.4.1
amphtml-validator: undefined ()
amplify-ui-components-loader: undefined ()
arg: undefined ()
async-retry: undefined ()
async-sema: undefined ()
aws-amplify: ^4.0.2 => 4.1.0
axios: ^0.21.1 => 0.21.1 (0.19.2)
babel-jest: ^26.1.0 => 26.6.3
bfj: undefined ()
cacache: undefined ()
chromedriver: ^85.0.1 => 85.0.1
ci-info: undefined ()
comment-json: undefined ()
compression: undefined ()
conf: undefined ()
content-type: undefined ()
cookie: undefined ()
css-loader: undefined ()
date-fns: ^2.21.3 => 2.22.1 (2.0.0-alpha.27)
debug: undefined ()
devalue: undefined ()
enzyme: ^3.11.0 => 3.11.0
escape-string-regexp: undefined ()
eslint: ^7.19.0 => 7.28.0
eslint-config-prettier: ^7.2.0 => 7.2.0
eslint-plugin-babel: ^5.3.1 => 5.3.1
eslint-plugin-i18next: ^5.0.0 => 5.1.1
eslint-plugin-jest: ^24.1.3 => 24.3.6
eslint-plugin-jsx-a11y: ^6.4.1 => 6.4.1
eslint-plugin-prettier: ^3.3.1 => 3.4.0
eslint-plugin-react: ^7.22.0 => 7.24.0
eslint-plugin-react-hooks: ^4.2.0 => 4.2.0
eslint-plugin-react-perf: ^3.3.0 => 3.3.0
eslint-plugin-sonarjs: ^0.5.0 => 0.5.0
eslint-plugin-unicorn: ^27.0.0 => 27.0.0
file-loader: undefined ()
find-cache-dir: undefined ()
find-up: undefined ()
fresh: undefined ()
gzip-size: undefined ()
http-proxy: undefined ()
i18next: ^19.8.9 => 19.9.2
ignore-loader: undefined ()
is-animated: undefined ()
is-docker: undefined ()
is-wsl: undefined ()
isomorphic-fetch: ^3.0.0 => 3.0.0
jest: ^26.1.0 => 26.6.3
jest-cucumber: ^3.0.0 => 3.0.1
jest-junit: ^11.1.0 => 11.1.0
jest-sonar-reporter: ^2.0.0 => 2.0.0
json5: undefined ()
jsonwebtoken: undefined ()
loader-utils: undefined ()
lodash.curry: undefined ()
lru-cache: undefined ()
material-table: ^1.69.1 => 1.69.3
md5: ^2.3.0 => 2.3.0
mini-css-extract-plugin: undefined ()
moxios: ^0.4.0 => 0.4.0
nanoid: undefined ()
neo-async: undefined ()
next: ^10.2.1 => 10.2.3
ora: undefined ()
postcss-flexbugs-fixes: undefined ()
postcss-loader: undefined ()
postcss-preset-env: undefined ()
postcss-scss: undefined ()
prettier: ^2.2.1 => 2.3.1
prop-types: ^15.7.2 => 15.7.2 (15.6.2)
react: ^17.0.1 => 17.0.2
react-dom: ^17.0.1 => 17.0.2
react-dropzone: ^11.3.1 => 11.3.2
react-feather: ^2.0.8 => 2.0.9
react-i18next: ^11.8.9 => 11.11.0
react-image: ^4.0.2 => 4.0.3
react-redux: ^7.2.4 => 7.2.4
react-test-renderer: ^16.14.0 => 16.14.0 (17.0.2)
react-vis: ^1.11.7 => 1.11.7
recast: undefined ()
redux-devtools-extension: ^2.13.9 => 2.13.9
resolve-url-loader: undefined ()
sass-loader: undefined ()
schema-utils: undefined ()
selenium-webdriver: ^4.0.0-alpha.7 => 4.0.0-beta.4
semver: undefined ()
send: undefined ()
source-map: undefined ()
string-hash: undefined ()
strip-ansi: undefined ()
styled-components: ^5.3.0 => 5.3.0
styled-components/macro: undefined ()
styled-components/native: undefined ()
styled-components/primitives: undefined ()
terser: undefined ()
text-table: undefined ()
ts-node: ^9.1.1 => 9.1.1
typescript: ^4.2.3 => 4.3.3
unistore: undefined ()
web-vitals: undefined ()
webpack: undefined ()
webpack-sources: undefined ()
with-typescript: undefined ()
npmGlobalPackages:
@aws-amplify/cli: 4.51.2
npm: 7.4.3
Describe the bug
I get several warnings when installing aws-amplify package using yarn. It is complaining about the version of uuid used. Which is significantly behind the current version. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
Expected behavior
No warnings
Reproduction steps
- yarn add aws-amplify
- yarn install
Code Snippet
// Put your code below this line.
Log output
// Put your logs below this line
warning aws-amplify > @aws-amplify/predictions > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/datastore > uuid@3.3.2: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/analytics > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/predictions > @aws-sdk/client-comprehend > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/predictions > @aws-sdk/client-translate > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/pubsub > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/predictions > @aws-sdk/client-polly > @aws-sdk/middleware-retry > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
warning aws-amplify > @aws-amplify/api > @aws-amplify/api-graphql > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
About this issue
- Original URL
- State: open
- Created 3 years ago
- Reactions: 11
- Comments: 34 (11 by maintainers)
Commits related to this issue
- Upgrade to latest version of uuid package. This will eliminate some of the warnings reported in #8464. — committed to MatrixFrog/amplify-js by MatrixFrog 3 years ago
- Upgrade to latest version of uuid package. This will eliminate some of the warnings reported in #8464. — committed to MatrixFrog/amplify-js by MatrixFrog 3 years ago
- Remove unnecessary dependency on 'uuid' This is a small step toward eliminating the warnings reported in #8464. — committed to MatrixFrog/amplify-js by MatrixFrog 3 years ago
- Upgrade to latest version of uuid package. This will eliminate some of the warnings reported in #8464. — committed to MatrixFrog/amplify-js by MatrixFrog 3 years ago
- Upgrade to latest version of uuid package. This will eliminate some of the warnings reported in #8464. — committed to MatrixFrog/amplify-js by MatrixFrog 3 years ago
- Remove unnecessary dependency on 'uuid' (#8960) This is a small step toward eliminating the warnings reported in #8464. — committed to aws-amplify/amplify-js by MatrixFrog 3 years ago
- chore: Upgrade to latest version of uuid package. (#8953) * Upgrade to latest version of uuid package. This will eliminate some of the warnings reported in #8464. Co-authored-by: Ashika <35131273... — committed to aws-amplify/amplify-js by MatrixFrog 3 years ago
Still getting a lot of these errors
Happy 3 years little issue ๐.
Hello everyone, we are going to be fixing this issue as part of our next major version bump. We will provide updates when we get closer to delivering it!
@evcodes the issue is still present. Could you re-open please?
That is the plan @V-iktor ! All of these peer dependencies that show these warnings are going to be cleaned up as well!
Still happening in
aws-amplify 5.3.10๐กโWARNโ deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.AWS, please resolve this, itโs really been too long for such a small yet high impact fix. You guys should be keeping dependencies up to date on set intervals and setting the standard for others to follow. This issue has been open for 3 years!
Re-opening the issue to keep track and figure out a path forward for uuid upgrade.
Hi @abarke - we are cleaning this up as part of our dev preview for v6 - updating this dependency causes a breaking change and therefore requires a major version bump. In general moving forward post v6, we will be minimizing the use of third party dependencies as much as possible, and periodically ensure we update the ones we do end up using. Totally agreed that this should have been resolved much earlier on. We will do better!
You can check out the new developer preview here https://github.com/aws-amplify/amplify-js/issues/12147#issue-1917900154
Nice! Would be nice to have a look at all of these weird peer dependencies also ๐บ
warning "@aws-amplify/auth > @aws-amplify/core > react-native-url-polyfill@1.3.0" has unmet peer dependency "react-native@*".Any updates here?
Still open
I am still facing this issue.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
I am using aws-amplify 4.3.42.
I still have a PR out at https://github.com/aws-amplify/amplify-js/pull/9299 but I would love some guidance on what sort of testing is needed.
Hi,
Yes I am in fact I just reinstalled the package, as part of my other ticket, on yarn and it still produces the warnings