bcoe
commented
4 years ago @hubiierik @brandonhawi the new version of flat drops support for Node 6/8, so we would need to take it in as a breaking change. I believe what we should do is drop Node 8 and 6 in this library first (as we have in yargs).
Hi,
I am starting to see red builds on my TeamCity build server with the message:
npm WARN deprecated flat@4.1.0: Fixed a prototype pollution security issue in 4.1.0, please upgrade to ^4.1.1 or ^5.0.1.The issue is generated from the unit tests which are driven by mocha. Mocha has the dependency chain: mocha -> yargs-unparser -> flat.
Somebody have already reported the same issue mocha: https://github.com/mochajs/mocha/issues/4410
Would be nice if the deprecated dependency could be solved.
Regards, Erik