Open ghost opened 7 years ago
npm install -g strongloop
npm WARN deprecated nodemailer@2.7.2: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/ npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5 npm WARN deprecated ejs@1.0.0: Critical security bugs fixed in 2.5.5 npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js npm WARN deprecated node-uuid@1.4.8: Use uuid module instead npm WARN deprecated connect@2.30.2: connect 2.x series is deprecated npm WARN deprecated coffee-script@1.6.3: CoffeeScript on NPM has moved to "coffeescript" (no hyphen) npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
"Critical security bugs" and "RegExp DoS" sound scary for a PM that is intended for use in production environments. Are these issues as concerning as they sound?
Don't install the deprecated strongloop
package, do npm i -g strong-pm
instead
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Don't install the deprecated strongloop package, do npm i -g strong-pm instead
If the "strongloop" package is incorrect then the home page for StrongLoop Process Manager needs to be updated:
In fact according to this documentation, it might be the case that you need to install the pm2
package instead.
npm install pm2
Regardless, the home page still seems to be recommending an incorrect npm package to install.
npm install -g strongloop
npm WARN deprecated node-uuid@1.4.7: use uuid module instead npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue