jlord
commented
9 years ago Oh! :+1: Thanks!
Closed pdehaan closed 9 years ago
jlord
commented
9 years ago Oh! :+1: Thanks!
pdehaan
commented
9 years ago And just for giggles, here's the output from nsp and npm outdated:
$ git clone https://github.com/jlord/balrog.git balrog
$ npm install
npm
WARN
package.json
balrog@1.0.0 scripts['server'] should probably be scripts['start'].
$ npm shrinkwrap --dev
wrote npm-shrinkwrap.json
# $ sudo npm i nsp -g
$ nsp audit-shrinkwrap --no-color
No vulnerable modules found
$ npm outdated --depth 0
Package Current Wanted Latest Location
cheerio 0.10.8 0.10.8 0.17.0 cheerio
glob 3.1.21 3.1.21 4.0.5 glob
moment 1.7.2 1.7.2 2.8.1 moment
handlebars 1.0.12 1.0.12 2.0.0-alpha.4 handlebars
mkdirp 0.3.5 0.3.5 0.5.0 mkdirp
cpr 0.1.1 0.1.1 0.3.2 cpr
split 0.2.10 0.2.10 0.3.0 split
concat-stream 1.0.1 1.0.1 1.4.6 concat-stream
rss 0.2.1 0.2.1 0.3.2 rss
underscore 1.5.2 1.5.2 1.6.0 underscore
ecstatic 0.4.13 0.4.13 0.5.4 ecstatic
minimatch 0.2.14 0.2.14 1.0.0 minimatch
tape 2.3.3 2.3.3 2.14.0 tape
See https://nodesecurity.io/advisories/marked_multiple_content_injection_vulnerabilities