Hey @MichaelSandritter, I had a look at your dependencies and it seems that punycode is a dependency of @forge/resolver@1.6.3, the latest version of the package no longer has the dependency so upgrading it should help.
I also notice that you have @forge/cli as a dependency, I am not too sure why you need it, it currently also has a dependency on punycode but I don’t imagine that you use anything from it in your app code?
1 Like
@BoZhang thanks for pointing out the @forge/cli dependency. It got in there by mistake.
I looked into your suggestion updating @forge/resolver@1.6.3 to the latest version. Isn’t version 1.6.3 the latest version by now? I only found 1.6.14-next.0 which is tagged as next and 1.6.13-next.0-experimental-97e4b11.
Hi @MichaelSandritter, as of today (30th June) the latest version is 1.6.13 - @forge/resolver - npm
1 Like
Hey there, i’m getting the same error on production only, not on lower environments like development or staging.
npm ls punycode
shows
└─┬ eslint@8.57.1
└─┬ ajv@6.12.6
└─┬ uri-js@4.4.1
└── punycode@2.3.1
where eslint is a dev dependency …
How come it only popped out in production, and never in lower environments ?
Hey @BoZhang
We are also encountering the same error across all environments. I have updated the Forge CLI to the latest version (@forge/cli@12.3.0), but Punycode is still being used.
Runtime environment: nodejs22.x.
results of npm ls punycode:
Hi @UmerTariq, the team is aware of the issue and are working on a fix. There is currently a ticket raised: Jira, we will provide updates there when available.
Thanks,
Bo
1 Like
Hi @IonScorobogaci, that’s strange, have you tried deploying the same code in your production environment across all other environments? If it’s the same code, with the same runtime configuration, it should show up in all environments.
If you are sure that it’s exactly the same code, can you please raise a support request, we can have a closer look, but will need more details from you.
Thanks,
Bo
Hey, sorry just double checked and this is reproducible across all environments (my bad previously stating that only appears on production) 
Btw, this even being logged as an error, it is just a warning right ?
Since the service is not crashing, working as expected 
Hey @ion , yeah that log is a deprecation warning. It would be good to figure out why you have a runtime dependency to eslint in your app though and to remove it if possible.
2 Likes
Hi @BoZhang , same issue here. currently using node 22 and forge cli 12.4.0. Deprecation warnings present in production environment.
As we are making some enhancement for next year forge app pricing, where log is a part of the cost, we expected the deprecation warning should not be logged.
2 Likes
Hi @PerryChung , there is currently a ticket open for removing the deprecated package from the CLI - Jira, can you please upvote and watch the ticket to let the team know it’s important to you, and also to get updates on progress.
These logs are coming from the dependency to the @forge/cli is that correct? Out of curiosity, why did you need to depend on the CLI package in your app code?
Hi @BoZhang thanks for providing the ticket. I have watched the ticket but I didn’t find where I can upvote the ticket.
And yes, these logs are coming from the dependency to the @forge/cli as well as eslint (while eslint is a devDependency, supposedly it will not affect production log, so I assume the issue is caused by forge cli).
After taking your suggestion of removing unnecessary @forge/cli in npm package and redeploy, the issue seems to persist.
Hi @PerryChung , sorry I missed your message. Are you still running into issues? It could be possible for the punycode to be a transitive dependency from a different package that you depend on.
Can you try running npm ls punycode or yarn why punycode (if you use yarn) to see if you this is a dependency of a different package?
hi @BoZhang, the issue still persists. As I mentioned in the previous comment, by using npm ls punycode, I can see that the punycode is one of the eslint dependency, however, I don’t think a development package will effect the production so I assume the issue is from forge cli, which also use the punycode.
Hi @PerryChung, I had a close look at this thing again today, and to clarify things, it is a dependency on the Node built-in punycode that is a problem. There is also a punycode package that is available via npm (this is what shows when you run npm ls punycode). This package isn’t going to cause the deprecation message. So what you should really be looking for is if any of your dependencies does something like
const punycode = require(‘punycode’)
For example this tr46 package used to in version 3 tr46/index.js at v3.0.0 · jsdom/tr46 · GitHub
And to answer your question about dev dependencies - if it is a dev dependency and it isn’t used at runtime, then it should not be bundled into your app code on deployment.
2 Likes