npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #1948

stephenfeather · 2016-07-25T19:05:07Z

├─┬ nativescript@2.1.1
│ ├─┬ gaze@1.0.0
│ │ └─┬ globule@0.2.0
│ │ ├─┬ glob@3.2.11
│ │ │ └── minimatch@0.3.0
│ │ └── minimatch@0.2.14

This is a flaw inherited from dependancies. gaze was updated to 1.1.0 on Apr 27th, globule updated a month ago (Jun 22) to upgrade minimatch

rosen-vladimirov · 2016-07-29T08:08:51Z

Hi @stephenfeather ,
Thanks for reporting this. I've submitted a PR for updating some of the dependencies, including gaze. However the warning for minimatch version is still in the output as there's no new version of broccoli dependency. Also at the moment we can use only a specific version of node-inspector, which depends on old version of minimatch.

rosen-vladimirov self-assigned this Jul 26, 2016

rosen-vladimirov mentioned this issue Jul 29, 2016

Update dependencies in order to fix minimatch warning #1963

Merged

rosen-vladimirov added 1 - In Progress and removed 1 - In Progress labels Jul 29, 2016

enchev added this to the 2.2.0 milestone Aug 1, 2016

enchev added the feature label Aug 1, 2016

enchev closed this as completed Aug 1, 2016

pkoleva added 3 - Done and removed 2 - Ready For Test labels Sep 8, 2016

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #1948

npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #1948

stephenfeather commented Jul 25, 2016

rosen-vladimirov commented Jul 29, 2016

npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #1948

npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #1948

Comments

stephenfeather commented Jul 25, 2016

rosen-vladimirov commented Jul 29, 2016