Closed kvz closed 7 years ago
Some packages prefer to be present global, but that's not required for our purposes, so we should ignore those:
npm WARN prefer global coffee-script@1.12.1 should be installed with -g
npm WARN prefer global deps-ok@1.1.0 should be installed with -g
npm WARN prefer global http-server@0.9.0 should be installed with -g
npm WARN prefer global node-gyp@3.4.0 should be installed with -g
As for the remaining deprecation warnings:
npm WARN deprecated node-uuid@1.4.7: use uuid module instead
npm WARN deprecated tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
Those are subdependencies:
and so it's up to their direct parents to upgrade. The warnings aren't critical though, as we're not using this in a server environment, and npm is just there to generate the website statically (and offer an install channel for b3bp to those who are already invested in the node ecosystem)
whoa! Since when can you resolve conflicts through the github UI? (Also, @kvz I don't think I'm qualified to resolve these...)
Yes indeed, seems like they're iterating quite drastically - worth checking their blog every now and again, also their engineering blog, pretty hardcore stuff!
Merging this should fix #75