search

curiousdannii / parchment

The Interactive Fiction web app
https://iplayif.com
MIT License
424 stars 60 forks source link

Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue #38

Closed neoice closed 7 years ago

neoice commented 7 years ago 
root@cf8a7475e8d3:/parchment# npm install
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
npm WARN engine pbkdf2@3.0.9: wanted: {"node":">=0.12"} (current: {"node":"0.10.29","npm":"1.4.21"})
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@0.4.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN engine esprima@4.0.0-dev: wanted: {"node":">=4"} (current: {"node":"0.10.29","npm":"1.4.21"})
curiousdannii commented 7 years ago

I will update it, but just note that there is no DoS vector, the affected apps are only used by grunt to build the lib files.