github-actions[bot]
commented
3 years ago Thank you for filing an issue! Please be patient. :-)
Closed frederikhors closed 3 years ago
github-actions[bot]
commented
3 years ago Thank you for filing an issue! Please be patient. :-)
ericblade
commented
3 years ago Hi there! Thanks for the question.
1.3.1 is on npm because that was the last change that had a version bump.
As for what npm 7 is telling you -- It looks like for some reason it thinks that any version higher than 0.0.2 will include snyk (this is probably correct), and snyk includes netmask, which apparently v2.0.1 and less, it finds disagreeable. If snyk has upgraded netmask in their dependencies, or whatever child of theirs needs it, then i could probably go ahead and do a dependency update patch release. There's another pull req for a highly recommended dep upgrade too, so maybe kill two birds with one stone there. I don't know right off hand how to see if snyk has solved that problem in their newest patches or not.
frederikhors
commented
3 years ago Ok. My question about 1.3.1 is because I cannot find this release in the list:
ericblade
commented
3 years ago i haven't perfected the automatic release process, and i probably forgot to submit a tag :-) thanks for pointing it out
ericblade
commented
3 years ago snyk has been removed, we're a couple of releases ahead now, i don't think there's much actionable here
Why do we have
v1.3.1on npmjs?Why npm 7 is suggesting me to upgrade to
@ericblade/quagga2 @ 0.0.1?Why
npm auditshows the below?In my
package.jsonI have this:which works great, but today I wanted to upgrade.