fix punycode2

[jacob314]

Summary

Fixes #19818 by disabling the punycode warning.

Unfortunately deps on punycode are too deep and the warning is too hard to remove so this is the only viable path forward.

Repro:

vm use 24.13.1
npx -y https://github.com/google-gemini/gemini-cli#fix_punycode2

[gemini-code-assist]

Summary of Changes

Hello @jacob314, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on essential maintenance by updating various development dependencies and proactively addressing a specific Node.js deprecation warning. The changes aim to keep the project's dependencies current and ensure cleaner execution logs by suppressing the DEP0040 warning associated with the punycode module, without completely removing it if it's a transitive dependency.

Highlights

• Dependency Updates: Several development dependencies, including ESLint, Acorn, and esquery, have been updated to their latest versions to ensure compatibility and leverage new features or fixes.
• Punycode Warning Mitigation: The direct dependency on punycode has been removed, and measures have been implemented to suppress the DEP0040 deprecation warning related to the punycode module. This includes modifying shebangs in executable scripts and adding a Node.js argument to the start.js script.

Changelog

• package-lock.json
  • Removed punycode from the top-level dependencies list.
  • Updated eslint to version 9.39.3.
  • Updated acorn to version 8.16.0.
  • Updated esquery to version 1.7.0.
  • Adjusted eslint-visitor-keys entries, including removing a nested one and updating/adding others.
  • Marked the punycode package as devOptional in its node_modules entry.
  • Updated eslint in a sub-package's devDependencies to 9.39.3.
• package.json
  • Updated eslint to version 9.39.3 in devDependencies.
  • Removed punycode from dependencies.
• packages/a2a-server/src/http/server.ts
  • Modified the shebang to include --no-warnings=DEP0040 to suppress specific Node.js deprecation warnings.
• packages/cli/index.ts
  • Modified the shebang to include --no-warnings=DEP0040 to suppress specific Node.js deprecation warnings.
• packages/vscode-ide-companion/package.json
  • Updated the eslint dev dependency to version 9.39.3.
• scripts/start.js
  • Added --no-warnings=DEP0040 to the Node.js arguments to suppress specific deprecation warnings during script execution.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[github-actions]

Size Change: +23 B (0%)

Total Size: 25.7 MB

ℹ️ View Unchanged

Filename	Size	Change
./bundle/gemini.js	25.3 MB	+23 B (0%)
./bundle/node_modules/@google/gemini-cli-devtools/dist/client/main.js	221 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/_client-assets.js	227 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/index.js	11.5 kB	0 B
./bundle/node_modules/@google/gemini-cli-devtools/dist/src/types.js	132 B	0 B
./bundle/sandbox-macos-permissive-open.sb	890 B	0 B
./bundle/sandbox-macos-permissive-proxied.sb	1.31 kB	0 B
./bundle/sandbox-macos-restrictive-open.sb	3.36 kB	0 B
./bundle/sandbox-macos-restrictive-proxied.sb	3.56 kB	0 B
./bundle/sandbox-macos-strict-open.sb	4.82 kB	0 B
./bundle/sandbox-macos-strict-proxied.sb	5.02 kB	0 B

_{compressed-size-action}

[gemini-code-assist]

Code Review

The pull request updates several core dependencies and attempts to silence the DEP0040 deprecation warning related to the punycode module. While silencing the warning provides a cleaner output, the current implementation introduces portability issues in the shebangs and represents a regression in future-proofing by moving away from the recommended userland alternative. Specifically, the use of the -S flag in env is not portable across all Unix-like environments (e.g., minimal Alpine Linux images), and removing the punycode dependency forces the use of the deprecated built-in module.

I am having trouble creating individual review comments. Click here to see my feedback.

package.json (134)

Removing the userland punycode dependency while silencing the DEP0040 warning is a regression in terms of future-proofing. Node.js explicitly recommends using a userland alternative because the built-in punycode module is deprecated and slated for removal. By removing the package and hiding the warning, the project becomes dependent on a deprecated API that will eventually be removed from the runtime. It is recommended to keep the dependency and ensure the code uses the userland version (e.g., by using import punycode from 'punycode/').

packages/cli/index.ts (1)

The use of env -S in the shebang is not portable. This is a GNU/macOS extension and will fail on systems with a standard POSIX env that lacks the -S flag, such as minimal Docker images based on Alpine Linux. This will prevent the CLI from starting, resulting in a 'No such file or directory' error. Consider handling warning suppression through other means, such as NODE_OPTIONS or by migrating to the userland punycode module to eliminate the warning at its source.

#!/usr/bin/env node

packages/a2a-server/src/http/server.ts (1)

The use of env -S in the shebang is not portable and will cause execution failures in environments with a basic POSIX env (e.g., Alpine Linux). This is particularly relevant given the project's requirement to run in Docker environments. It is better to avoid passing interpreter flags via env in the shebang.

#!/usr/bin/env node

[jacob314]

/patch preview

[github-actions]

✅ Patch workflow(s) dispatched successfully!

📋 Details:

• Channels: preview
• Commit: 6676546a4b4eb8bbc17f5f1a476f8116d4d2fd78
• Workflows Created: 1

🔗 Track Progress:

• View patch workflows
• This workflow run