search

dentarg / hubot-url-title

:crocodile: Returns the title when a link is posted
https://www.npmjs.com/package/hubot-url-title
4 stars 10 forks source link

Update dependencies #23

Closed dentarg closed 8 years ago

dentarg commented 8 years ago

Happened to see the following when doing npm install

$ npm install
npm WARN deprecated tough-cookie@0.9.15: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated to-iso-string@0.0.2: to-iso-string has been deprecated, use @segment/to-iso-string instead.
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

...

Also https://david-dm.org/dentarg/hubot-url-title doesn't look too good

thomasrussellmurphy commented 8 years ago

Ready to close this, now that #26 is in?

dentarg commented 8 years ago

Would like https://david-dm.org/dentarg/hubot-url-title not to show red, and then cut a release, before closing this

thomasrussellmurphy commented 8 years ago

Looks like I trusted the updater to do a more complete job and was wrong. There are still dependencies in package.json that are out of date, so it won't stop showing red without some more changes.