I have just installed koa-mongo through NPM, and got a warning about debug 4.1.1 being deprecated:
$ npm i koa-mongo
npm WARN deprecated debug@4.1.1: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
added 5 packages, changed 1 package, and audited 148 packages in 3s
found 0 vulnerabilities
$ npm -v
7.3.0
$ node -v
v15.5.1
$
Apart from debug (and a minor update for mongodb,) dependencies seem quite up-to-date though. This is in package.json:
Hi,
I have just installed
koa-mongo
through NPM, and got a warning about debug 4.1.1 being deprecated:Apart from
debug
(and a minor update formongodb
,) dependencies seem quite up-to-date though. This is inpackage.json
:And these are the current versions:
It might be good to bump
debug
dependency version?