Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dev dependencies. #1110

Closed
protonate opened this issue Apr 7, 2017 · 1 comment
Closed

Update dev dependencies. #1110

protonate opened this issue Apr 7, 2017 · 1 comment
Labels
build process

Comments

@protonate
Copy link
Collaborator

Type of issue

Improvement

Description

With #1109 we'll start using yarn as the npm registry client for packages. This seems a good time to update packages where necessary. Below are the current warnings during a yarn install.

Other information

warning gulp-karma@0.0.4: Please use Karma directly: https://github.com/karma-runner/gulp-karma
warning gulp-jshint > minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning karma-coverage > minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning istanbul > fileset > minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning karma-coverage > ibrik > fileset > minimatch@0.4.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning mocha > glob > minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning mocha > glob > graceful-fs@2.0.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
warning gulp-mocha > mocha > glob > minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning gulp-mocha > mocha > to-iso-string@0.0.2: to-iso-string has been deprecated, use @segment/to-iso-string instead.
warning mocha > jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
warning gulp-karma > xtend > object-keys@0.4.0:
warning localtunnel > request > node-uuid@1.4.8: Use uuid module instead
warning gulp-webdriver > webdriverio > request > node-uuid@1.4.8: Use uuid module instead
warning phantomjs > request > tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
warning gulp-jscs > jscs > babel-jscs > babel-core > minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning gulp > vinyl-fs > glob-watcher > gaze > globule > glob > graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
warning gulp-jsdoc-to-markdown > jsdoc-to-markdown > jsdoc-parse > jsdoc-api > promise.prototype.finally@1.0.1: Please upgrade to v2.0 or higher!
@mkendall07 mkendall07 changed the title Package Management Update dev dependencies. May 4, 2017
@mkendall07
Copy link
Member

A lot of these are resolved with #1355 so closing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
build process
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@matthewlane @mkendall07 @protonate