Closed pdehaan closed 9 years ago
Currently I'm getting an npm warning and notifications that a few modules are outdated and potentially vulnerable...
$ git clone https://github.com/digitarald/firewatch.git . $ npm install npm WARN package.json firewatch@1.0.1 No repository field. npm WARN engine hawk@0.10.2: wanted: {"node":"0.8.x"} (current: {"node":"0.10.30","npm":"1.4.28"}) npm WARN engine boom@0.3.8: wanted: {"node":"0.8.x"} (current: {"node":"0.10.30","npm":"1.4.28"}) npm WARN engine cryptiles@0.1.3: wanted: {"node":"0.8.x"} (current: {"node":"0.10.30","npm":"1.4.28"}) npm WARN engine sntp@0.1.4: wanted: {"node":"0.8.x"} (current: {"node":"0.10.30","npm":"1.4.28"}) npm WARN engine hoek@0.7.6: wanted: {"node":"0.8.x"} (current: {"node":"0.10.30","npm":"1.4.28"}) $ npm shrinkwrap --dev wrote npm-shrinkwrap.json $ # sudo npm i nsp -g $ nsp audit-shrinkwrap Name Installed Patched Vulnerable Dependency qs 0.6.6 >= 1.x firewatch > express > connect qs 0.6.6 >= 1.x firewatch > express > connect send 0.1.4 >= 0.8.4 firewatch > express qs 0.5.6 >= 1.x firewatch > winston > request qs 0.5.6 >= 1.x firewatch > winston > request $ npm outdated --depth 0 Package Current Wanted Latest Location browserify-middleware 2.5.0 2.5.0 3.0.1 browserify-middleware express 3.4.8 3.4.8 4.9.4 express mocha 1.18.2 1.18.2 1.21.4 mocha nomnom 1.6.2 1.6.2 1.8.0 nomnom opener 1.3.0 1.3.0 1.4.0 opener reactify 0.10.0 0.10.0 0.14.0 reactify should 3.2.0 3.2.0 4.0.4 should socket.io 0.9.17 0.9.17 1.1.0 socket.io stylus 0.45.1 0.45.1 0.48.1 stylus temp 0.7.0 0.7.0 0.8.1 temp winston 0.7.3 0.7.3 0.8.0 winston # .travis.yml not found $ # sudo npm i pjv -g $ pjv -wr { valid: true, warnings: [ 'Missing recommended field: bugs', 'Missing recommended field: contributors', 'Missing recommended field: repository' ], recommendations: [ 'Missing optional field: homepage', 'Missing optional field: engines' ] }
Currently I'm getting an npm warning and notifications that a few modules are outdated and potentially vulnerable...
Steps to reproduce: