You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of 14 Feb 2017, running npm install on a fresh clone of this repo gives three deprecation warnings:
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated to-iso-string@0.0.2: to-iso-string has been deprecated, use @segment/to-iso-string instead.
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
There are other outdated dependencies (npm outdated lists browserify 13.3.0/14.0.0, radium 0.17.2/0.18.1, and shipit-cli 1.5.2/2.0.0); my expectation/hope is that a relative newbie to Node and to this project should find updating those and ensuring that none of the existing tests break ought to be a fairly gentle, low-risk ramping-up exercise.
minimatch
The minimatch package is used by several direct and indirect dependencies; nearly all match against the current version (presently 3.0.3). minimatch@0.3.0 is, however, a dependency of glob@3.2.11 (current version: 7.1.1), itself a dependency of koa-hbs@0.7.0. An optimist might conjecture that updating koa-hbs to the current 0.9.0 should fix that, considering that that package's current package.jsonspecifies a version of glob matching "^7.0.5".
to-iso-string
The (original, deprecated) to-iso-string is listed as a dependency in the package.json for Mocha 2.5.3; it is not so listed in the current Mocha 3.2.0 package.json. That's apparently because a newer version of @segment/to-iso-string has been copied into the lib directory since version 3.0.0-2; technically, since Commit mochajs/mocha@37fa564. That suggests to our optimist that updating our dev dependency on Mocha from "^2.5.3" to "^3.2.0"should solve the issue, providing no other changes to Mocha break the current tests.
jade/pug
According to the README for pug, jade was renamed to avoid colliding with a registered trademark. Inspection of the README history suggests that this dates from around March, 2016. Again, updating Mocha should remove the deprecation warning, since Mocha replaced jade with pug effective with Commit f50ad28, which was rolled into release 3.0.0-0 (Beta).
The text was updated successfully, but these errors were encountered:
As of 14 Feb 2017, running
npm install
on a fresh clone of this repo gives three deprecation warnings:There are other outdated dependencies (
npm outdated
listsbrowserify
13.3.0/14.0.0,radium
0.17.2/0.18.1, andshipit-cli
1.5.2/2.0.0); my expectation/hope is that a relative newbie to Node and to this project should find updating those and ensuring that none of the existing tests break ought to be a fairly gentle, low-risk ramping-up exercise.minimatch
The
minimatch
package is used by several direct and indirect dependencies; nearly all match against the current version (presently 3.0.3).minimatch@0.3.0
is, however, a dependency ofglob@3.2.11
(current version: 7.1.1), itself a dependency ofkoa-hbs@0.7.0
. An optimist might conjecture that updatingkoa-hbs
to the current 0.9.0 should fix that, considering that that package's currentpackage.json
specifies a version ofglob
matching"^7.0.5"
.to-iso-string
The (original, deprecated)
to-iso-string
is listed as a dependency in thepackage.json
for Mocha 2.5.3; it is not so listed in the current Mocha 3.2.0package.json
. That's apparently because a newer version of@segment/to-iso-string
has been copied into thelib
directory since version3.0.0-2
; technically, since Commit mochajs/mocha@37fa564. That suggests to our optimist that updating our dev dependency on Mocha from"^2.5.3"
to"^3.2.0"
should solve the issue, providing no other changes to Mocha break the current tests.jade
/pug
According to the README for
pug
,jade
was renamed to avoid colliding with a registered trademark. Inspection of the README history suggests that this dates from around March, 2016. Again, updating Mocha should remove the deprecation warning, since Mocha replacedjade
withpug
effective with Commit f50ad28, which was rolled into release 3.0.0-0 (Beta).The text was updated successfully, but these errors were encountered: