Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update *send* dependency #14

Open
pdehaan opened this issue Sep 17, 2014 · 0 comments
Open

Update *send* dependency #14

pdehaan opened this issue Sep 17, 2014 · 0 comments

Comments

@pdehaan
Copy link

pdehaan commented Sep 17, 2014

See https://nodesecurity.io/advisories/send-directory-traversal

For a full list of outdated modules, see:

$ git clone https://github.com/wearefractal/lute.git .

$ npm install

$ npm shrinkwrap --dev
wrote npm-shrinkwrap.json

$ # sudo npm i nsp -g
$ nsp audit-shrinkwrap
Name  Installed   Patched  Vulnerable Dependency
send    0.6.0    >= 0.8.4  lute
qs      0.6.6     >= 1.x   lute > tiny-lr

$ npm outdated --depth 0
Package        Current  Wanted  Latest  Location
gulp-util       2.2.20  2.2.20   3.0.1  gulp-util
minimist         0.2.0   0.2.0   1.1.0  minimist
replacestream    0.1.4   0.1.4   0.2.0  replacestream
send             0.6.0   0.6.0   0.9.2  send
tiny-lr          0.0.9   0.0.9   0.1.4  tiny-lr

$ travis-lint # http://lint.travis-ci.org/wearefractal/lute

$ # sudo npm i pjv -g
$ pjv -wr
package.json is NOT valid
{ valid: false,
  errors: [ 'Type for field repository, was expected to be object, not string' ],
  warnings:
   [ 'Missing recommended field: keywords',
     'Missing recommended field: bugs',
     'Missing recommended field: contributors' ] }
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant