Resolving Deprecated Dependencies and Security Vulnerabilities in Strapi GraphQL Plugin Installation

System Information
  • Strapi Version: 3.6.11
  • Operating System: Win10
  • **DatabasepostGres:
  • Node Version: 20.10
  • NPM Version: 9.2
  • Yarn Version: 1.22.19

Hello,

I am currently following the tutorial on Next.js, React Hooks, and Strapi for a Restaurant Application. While installing the GraphQL plugin with the command npm install @strapi/plugin-graphql, I encountered several deprecation warnings and vulnerability notices. The installation process displayed warnings related to the deprecation of various Apollo Server packages and reported 15 vulnerabilities (2 moderate, 13 high).

Here’s a snippet of the warnings:

javascriptCopy code

npm install @strapi/plugin-graphql
npm WARN deprecated apollo-datasource@3.3.2: The `apollo-datasource` package is part of Apollo Server v2 and v3, which are now deprecated...
... [additional warnings] ...
npm WARN deprecated apollo-server-core@3.12.1: The `apollo-server-core` package is part of Apollo Server v2 and v3, which are now deprecated...
... [additional warnings] ...
15 vulnerabilities (2 moderate, 13 high)

I understand that these warnings indicate that the dependencies used by the Strapi GraphQL plugin are outdated and will soon reach their end-of-life. My concern is about the potential security vulnerabilities and the future compatibility of these packages.

Is there an alternative way to install the GraphQL plugin without these deprecated dependencies? Or is there an update planned to address these issues? Any guidance on how to proceed with a safer and more up-to-date installation would be greatly appreciated.

Thank you for your assistance.