You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Subscribe to this issue to receive critical updates on this advisory.
Summary
Applies to:
@achrinza/node-ipc@^10
Deprecated:
@achrinza/node-ipc@10.1.0
@achrinza/node-ipc@10.1.1
Replacement:
@achrinza/node-ipc@10.1.2
Description
Out of an abundance of caution,v10.1.0 and v10.1.1 have been deprecated in favor of v10.1.2 as they contained nested transitive development dependencies that are managed by @/riaevangelist (The original author of node-ipc).
The offending transitive development dependencies are:
node-cmd@^4.0.0
vanilla-test@^1.4.8
1.4.8
ansi-colors-es6@^5.0.0
strong-type@^1.0.1
1.0.1
vanilla-test@*
1.1.0
vanilla-test@*
1.4.9
ansi-colors-es6@^5.0.0
strong-type@^1.1.0
1.1.0
vanilla-test@*
v10.1.2 resolves this issue by pinning to node-cmd@4.0.0 and switching vanilla-test to @node-ipc/vanilla-test. There are no code changes in v10.1.2.
At the time of writing, we have no reason to believe that any of these dependencies had any malicious code. However, this may change in the future and we strongly recommend upgrading the v10 version range to ^10.1.2.
The text was updated successfully, but these errors were encountered:
Repository owner
locked and limited conversation to collaborators
Mar 20, 2022
Deprecation of
v10.1.0
andv10.1.1
Subscribe to this issue to receive critical updates on this advisory.
Summary
Applies to:
@achrinza/node-ipc@^10
Deprecated:
@achrinza/node-ipc@10.1.0
@achrinza/node-ipc@10.1.1
Replacement:
@achrinza/node-ipc@10.1.2
Description
Out of an abundance of caution, v10.1.0 and v10.1.1 have been deprecated in favor of v10.1.2 as they contained nested transitive development dependencies that are managed by @/riaevangelist (The original author of
node-ipc
).The offending transitive development dependencies are:
node-cmd@^4.0.0
vanilla-test@^1.4.8
1.4.8
ansi-colors-es6@^5.0.0
strong-type@^1.0.1
1.0.1
vanilla-test@*
1.1.0
vanilla-test@*
1.4.9
ansi-colors-es6@^5.0.0
strong-type@^1.1.0
1.1.0
vanilla-test@*
v10.1.2 resolves this issue by pinning to
node-cmd@4.0.0
and switchingvanilla-test
to@node-ipc/vanilla-test
. There are no code changes in v10.1.2.At the time of writing, we have no reason to believe that any of these dependencies had any malicious code. However, this may change in the future and we strongly recommend upgrading the v10 version range to
^10.1.2
.The text was updated successfully, but these errors were encountered: