themeteorchef / base

A starting point for Meteor apps.
http://themeteorchef.com/base
MIT License
689 stars 253 forks

Can we strip any packages that rely on deprecated dependencies? #239

Open rednax1994 opened 7 years ago

rednax1994 commented 7 years ago

There are a couple of packages that are still using old packages as dependencies. When installing using meteor npm install, the following give a message:

npm WARN deprecated to-iso-string@0.0.2: to-iso-string has been deprecated, use @segment/to-iso-string instead.
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated node-uuid@1.4.7: use uuid module instead

Could this be updated so packages like jade don't get used anymore?

themeteorchef commented 7 years ago

I'd have to look at what package is dependent on Jade, but will consider this in the 5.0 release (since it's a WARN it's fairly low priority).
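
An added example, not part of the thread or of the project's code: it separates the deprecation warnings quoted above that mention a security issue from plain renames, then traces each flagged package to the direct dependency that pulls it in. The keyword heuristic, the dependency tree (in the shape of `npm ls --json` output) and the `example-*` package names are assumptions constructed for illustration.

```javascript
// Warning lines as quoted in the issue above.
const WARNINGS = `
npm WARN deprecated to-iso-string@0.0.2: to-iso-string has been deprecated, use @segment/to-iso-string instead.
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated tough-cookie@2.2.2: ReDoS vulnerability parsing Set-Cookie https://nodesecurity.io/advisories/130
npm WARN deprecated node-uuid@1.4.7: use uuid module instead
`;
// Constructed tree shaped like `npm ls --json`; "example-*" names are hypothetical.
const TREE = { name: "app", dependencies: {
  "example-test-runner": { version: "1.0.0", dependencies: {
    jade: { version: "0.26.3" },
    "example-glob": { version: "1.0.0", dependencies: { minimatch: { version: "0.3.0" } } },
  } },
  "example-http-client": { version: "2.0.0", dependencies: { "tough-cookie": { version: "2.2.2" } } },
} };

// Assumed heuristic: words that suggest the deprecation is a security fix.
const SECURITY_HINT = /\b(re)?dos\b|vulnerab|advisor|security|cve-/i;

// Turn each warning line into { name, version, message, security }.
function parseWarnings(text) {
  const re = /^npm WARN deprecated ((?:@[^/\s]+\/)?[^@\s]+)@([^:\s]+): (.*)$/gm;
  return [...text.matchAll(re)].map(([, name, version, message]) => ({
    name, version, message, security: SECURITY_HINT.test(message),
  }));
}

// Return every dependency chain that ends at name@version.
function findPaths(node, name, version, trail = []) {
  const paths = [];
  for (const [dep, info] of Object.entries(node.dependencies || {})) {
    const here = [...trail, `${dep}@${info.version}`];
    if (dep === name && info.version === version) paths.push(here.join(" > "));
    paths.push(...findPaths(info, name, version, here));
  }
  return paths;
}

// Keep only security-flagged warnings and attach the chains that install them.
function triage(text, tree) {
  return parseWarnings(text)
    .filter((w) => w.security)
    .map((w) => ({ ...w, paths: findPaths(tree, w.name, w.version) }));
}

for (const w of triage(WARNINGS, TREE)) {
  console.log(`${w.name}@${w.version}: ${w.message}`);
  for (const p of w.paths) console.log(`  via ${p}`);
}
```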