[Bug]: Deprecated npm dependencies warnings on install (v2026.2.24) #26816
Description
Summary
When installing [email protected] globally via npm, several deprecated dependency warnings are shown. Some of these deprecated packages have known security vulnerabilities.
Environment
OpenClaw version: 2026.2.24
Node.js version: (agregar tu versión)
npm version: (agregar tu versión)
OS: Windows
Steps to reproduce
npm install [email protected] --global
Expected behavior
No deprecated dependency warnings on install, or at minimum no packages with known security vulnerabilities.
Actual behavior
These warnings suggest the dependency tree relies on outdated versions of npm's internal tooling. Consider updating transitive dependencies or pinning to patched versions.
OpenClaw version
2026.2.24
Operating system
Windows 11
Install method
npm global
Logs, screenshots, and evidence
npm warn deprecated [email protected]: This module is not supported, and leaks memory.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: Rimraf versions prior to v4 are no longer supported
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilities
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: This package is no longer supported.
npm warn deprecated [email protected]: Old versions of tar are not supported, and contain widely publicized security vulnerabilities
npm warn deprecated [email protected]: Use your platform's native DOMException instead
npm warn deprecated [email protected]: Old versions of glob are not supported, and contain widely publicized security vulnerabilitiesImpact and severity
Security concern: [email protected] and [email protected] have publicly disclosed security vulnerabilities.
[email protected] has a known memory leak.
Multiple packages (npmlog, gauge, are-we-there-yet) are fully abandoned.
Additional information
These warnings suggest the dependency tree relies on outdated versions of npm's internal tooling. Consider updating transitive dependencies or pinning to patched versions.