search

shaunakv1 / easypack

A super simple build tool made in node to pack marked js and css files in a html file into single timestamped js and css file
2 stars 1 forks source link

Update validator dependency #6

Open pdehaan opened 10 years ago

pdehaan commented 10 years ago

See https://nodesecurity.io/advisories/validator_XSS_Filter_Bypass_via_Encoded_URL

pdehaan commented 10 years ago

Here was my full install log:

$ git clone https://github.com/shaunakv1/easypack.git .

$ npm install

$ npm shrinkwrap --dev
wrote npm-shrinkwrap.json

$ # sudo npm i nsp -g
$ nsp audit-shrinkwrap
Name       Installed  Patched  Vulnerable Dependency
validator    1.4.0    >=2.0.0  easypack

$ npm outdated --depth 0
Package    Current  Wanted  Latest  Location
cheerio     0.12.4  0.12.4  0.17.0  cheerio
uglify-js    2.3.6   2.3.6  2.4.15  uglify-js
uglifycss    0.0.5   0.0.5   0.0.9  uglifycss
validator    1.4.0   1.4.0  3.22.0  validator

# .travis.yml not found

$ # sudo npm i package-json-validator -g
$ pjv -wr
{ valid: true,
  warnings: [ 'Missing recommended field: contributors' ],
  recommendations:
   [ 'Missing optional field: homepage',
     'Missing optional field: engines' ] }