search

Brightspace / d2l-license-checker

Simple tool to continuously check for D2L accepted licenses of all npm dependencies in a project.
4 stars 2 forks source link

Issues with dependencies #57

Closed dougmoscrop closed 5 years ago

dougmoscrop commented 6 years ago 
@d2l/license-checker-ci@2.0.9
│ ├─┬ bower-license@0.4.4
│ │ └─┬ bower-json@0.4.0 <----- source repo now missing from github
│ │   └── graceful-fs@2.0.3 <----- deprecated
jkehres commented 6 years ago

@JimD2L added bower-license in: https://github.com/Brightspace/license-checker-ci/pull/35

khorwood commented 5 years ago

Also bower-json@0.4.4 has a dep on: deep-extend@0.2.11 which is affected by: https://nodesecurity.io/advisories/612

dougmoscrop commented 5 years ago

My vote is just kill all bower support and bump major