Closed holblin closed 2 years ago
I love how this upgrade to update-notifier
requires node 14 and a transition to ESM. Awesome.
Hi @bcoe , I disagree with the completion of this issue. There was no new release of GTS following the fix, which keep all the consumers impacted.
Could we re-open the issue until we got a new version published in NPM?
@holblin 4.0.0
is released to the dist-tag next
:
npm i gts@next
However it seems to have some issues:
Error: Cannot read config file: /Users/bencoe/google/nodejs-vision/samples/.eslintrc.yml
Error: Function yaml.safeLoad is removed in js-yaml 4. Use yaml.load instead, which is now safe by default.
at Object.safeLoad (/Users/bencoe/google/nodejs-vision/node_modules/@eslint/eslintrc/node_modules/js-yaml/index.js:10:11)
at loadYAMLConfigFile (/Users/bencoe/google/nodejs-vision/node_modules/@eslint/eslintrc/lib/config-array-factory.js:161:21)
at loadConfigFile (/Users/bencoe/google/nodejs-vision/node_modules/@eslint/eslintrc/lib/config-array-factory.js:319:20)
@holblin I believe the issue I was running into was a stale package-lock.json
issue, could you try 4.0.0
and let me know if it works for you?
It works 👍 Thanks a lot :-)
Hi,
I have multiple packages that use gts. Due to a CVE,
gts
is impacted in his last version:Updating
update-notifier
to the latest version and releasing a new version ofgts
, will solve the issue.Indeed, currently, this is the chain of versions from gts:
update-notifier (^5.0.0) > latest-version (^5.1.0) > package-json (^6.3.0) > got (^9.6.0)
And this will be the new chain of versions after the change:update-notifier (6.0.2) > latest-version (^7.0.0) > package-json (^8.1.0) > got (^12.1.0)