kriskowal / q

A promise library for JavaScript
MIT License
14.93k stars 1.2k forks source link

npm package warnings #793

Open valderra-jpl opened 8 years ago

valderra-jpl commented 8 years ago

There are a bunch of package warnings for dependencies of v1, some more dire than others:

$ npm install
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
npm WARN deprecated electron@0.2.1: The original electron project has been moved. Visit github.com/logicalparadox/electron for more details.
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade

This boils down to specifying dependence on 4yo versions of grunt, opener, and matcha.

They're just dev dependencies, so probably the only semi-urgent upgrade would be graceful-fs (via grunt), since those will break with the pending v7.0.0 release of node.

amZotti commented 7 years ago

@valderra-jpl What version of npm and node are you running?

I am running npm 3.10.10 and node v7.3.0 - I don't see any of those warnings.