Dependency issues regarding security

[anonrig]

I'm getting similar errors like this that indicates module changes, vulnerabilities and deprecated packages.

warning react-native > xcode > node-uuid@1.4.7: use uuid module instead
warning gitbook-cli > npm > request > node-uuid@1.4.7: use uuid module instead
warning gitbook-cli > npm > request > tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
warning gitbook-cli > npm > lodash.isarray@4.0.0: This package is deprecated. Use Array.isArray.
warning gitbook-cli > npm > node-gyp > minimatch@1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning gitbook-cli > npm > node-gyp > glob > minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

[lelandrichardson]

@anonrig thanks for posting this issue! This appears to be issues with gitbook's dependencies, and not something we are directly in control of.

Would you be kind enough to create an issue in their repo? https://github.com/GitbookIO/gitbook-cli

To assuade any concern, this is a dev dependency and should pose no practical security risk to your machine, since this is only used for running the local docs server.

[lelandrichardson]

I'm going to close, but let me know if you have any more questions.