Closed Ghazgkull closed 3 years ago
@adnanrahic For some context, the Promster NPM module for exporting Prometheus metrics recently moved to your fork of node-gcstats
because of the dependency updates you made to eliminate vulnerabilities reported by npm audit
.
Would you mind clarifying whether you're planning to maintain this fork? If so, are you able to update the node-pre-gyp dependency? Are you open to PRs?
@Ghazgkull @adnanrahic Are these vulnerability fixes part of NPM yet? We would be interested in using it
@adnanrahic Please review the PR I submitted here: https://github.com/adnanrahic/node-gcstats/pull/4
@Ghazgkull Are you planning to publish your changes in NPM as a new library in case is not taken care here? We find it useful for us too instead of writing a new one for same purpose.
Hey everyone!
Sorry for not responding sooner. :disappointed: I was maintaining this fork while working at https://github.com/sematext.
I've moved to work somewhere else recently, so I'm not sure if I have publish permissions to the npm package https://www.npmjs.com/package/@sematext/gc-stats.
Let me merge #4 first so there is an option to use this fork by installing it directly from GitHub.
Thanks a lot for taking the time to create the PR @Ghazgkull! Really great work!
Seems I still have publish access! :rocket: :confetti_ball: Latest version is now: https://www.npmjs.com/package/@sematext/gc-stats/v/1.5.4 Thanks for looking into this and adding a fix. :bow:
@mapbox/node-pre-gyp replaces the deprecated node-pre-gyp. The deprecated version is currently flagged because of high severity vulnerabilities, causing
npm audit
to fail.@adnanrahic