search

yfinkelstein / node-zookeeper

node.js client for Apache Zookeeper
MIT License
479 stars 111 forks source link

Unit tests: replace tape with Ava #276

Closed DavidVujic closed 2 years ago

DavidVujic commented 3 years ago

Describe the bug This is an issue only when installing the source code (not the release built npm package) and is about the devDependencies.

The library tap-spec seems to have an outdated sub dependency that is raising warnings on install.

tap-spec is used in this repo to print out unit tests in a nice way.

To Reproduce

  1. Clone this repo.
  2. run npm install

Error Log

# npm audit report

trim  <0.0.3
Severity: high
Regular Expression Denial of Service in trim - https://npmjs.com/advisories/1700
fix available via `npm audit fix --force`
Will install tap-spec@2.2.2, which is a breaking change
node_modules/trim
  tap-out  *
  Depends on vulnerable versions of trim
  node_modules/tap-out
    tap-spec  2.1.2 || >=3.0.0
    Depends on vulnerable versions of tap-out
    node_modules/tap-spec

Expected behavior npm install should not raise any audit warnings.

jbienkowski311 commented 3 years ago

I think we should move to the forked lib called tap-in as tap-out seems to not be maintained by its author anymore. It would also close this issue.

DavidVujic commented 3 years ago

Good idea @jbienkowski311!

DavidVujic commented 2 years ago

I'm leaning towards switching out tape to ava. https://github.com/avajs/ava