Deprecation of v10.1.0 and v10.1.1
#14
Comments
Repository owner
locked and limited conversation to collaborators
Mar 20, 2022
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Deprecation of
v10.1.0andv10.1.1Subscribe to this issue to receive critical updates on this advisory.
Summary
Applies to:
@achrinza/node-ipc@^10Deprecated:
@achrinza/node-ipc@10.1.0@achrinza/node-ipc@10.1.1Replacement:
@achrinza/node-ipc@10.1.2Description
Out of an abundance of caution, v10.1.0 and v10.1.1 have been deprecated in favor of v10.1.2 as they contained nested transitive development dependencies that are managed by @/riaevangelist (The original author of
node-ipc).The offending transitive development dependencies are:
node-cmd@^4.0.0vanilla-test@^1.4.81.4.8ansi-colors-es6@^5.0.0strong-type@^1.0.11.0.1vanilla-test@*1.1.0vanilla-test@*1.4.9ansi-colors-es6@^5.0.0strong-type@^1.1.01.1.0vanilla-test@*v10.1.2 resolves this issue by pinning to
node-cmd@4.0.0and switchingvanilla-testto@node-ipc/vanilla-test. There are no code changes in v10.1.2.At the time of writing, we have no reason to believe that any of these dependencies had any malicious code. However, this may change in the future and we strongly recommend upgrading the v10 version range to
^10.1.2.The text was updated successfully, but these errors were encountered: