search

mapbox / tokml

Convert GeoJSON to KML.
http://mapbox.github.io/tokml/
BSD 2-Clause "Simplified" License
189 stars 91 forks source link

Deprecated dependecy minimatch #37

Open pilarArr opened 6 years ago

pilarArr commented 6 years ago

As per title description.

npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

└─┬ tokml@0.4.0 └─┬ strxml@0.0.0 └─┬ tap@0.4.13 └─┬ glob@3.2.11 └── minimatch@0.3.0

I checked the dependency tree and glob and tap use the correct version. Sostrxml and tokml are the only ones that should be updated.

nngo commented 6 years ago

this is pretty much the same issue identified in #36 (Vulnerability with dependencies) and there is some work done in pull request #31 (upgrade strxml to fix warnings related to tap included in build)

asafMasa commented 5 years ago

@pilarArr @nngo @zugaldia @Yuffster @ivaner is there any progress with this issue?

pshongwe commented 1 year ago

any update?