Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upGitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
Node Security Platform giving error for a dependency (https://github.com/indexzero/TimeSpan.js). #20
Comments
|
Thanks we will have to find where this package is used and try to update or replace it. I'm not sure it's super high priority because the developer was talking about 50,000 character log messages which are much longer than typical. I'm not sure such long messages are best practice since they would be difficult to display or read. Nevertheless it would be good to improve the regex. Feel free to submit a PR if you get to it before us. |
|
@mostlyjason The problem is that people run NSP or similar security checks at build time and the builds fail. If you could fix this, it would be awesome! |
|
@marin-liovic thanks that makes sense! |
|
This should be fixed now closing |
NSP is giving security warning for timespan package.
Here is the advisory provided:
https://nodesecurity.io/advisories/533
Here is the link to issue on the package's github
indexzero/TimeSpan.js#10
This package is no longer maintained. Latest commit was in Aug 2016.
The text was updated successfully, but these errors were encountered: