You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@senssoft.apache.org by "Joshua Poore (JIRA)" <ji...@apache.org> on 2019/01/11 19:15:00 UTC

[jira] [Created] (SENSSOFT-321) Gulp Mocha Dependency Deprecation: Critical Command Injection Vulnerability

Joshua Poore created SENSSOFT-321:
-------------------------------------

             Summary: Gulp Mocha Dependency Deprecation: Critical Command Injection Vulnerability
                 Key: SENSSOFT-321
                 URL: https://issues.apache.org/jira/browse/SENSSOFT-321
             Project: SensSoft
          Issue Type: Bug
          Components: UserALE.js
    Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0
         Environment: javascript
            Reporter: Joshua Poore
            Assignee: Joshua Poore
             Fix For: UserALE.js 1.1.0


Multiple Warnings with NPM Build through -192 branch

npm WARN deprecated babel-preset-es2015@6.24.1: 🙌  Thanks for using Babel: we recommend using babel-preset-env now: please read babeljs.io/env to update! 

{color:#FF0000}npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5{color}

npm WARN deprecated uglify-js-harmony@2.7.7: deprecated in favour of uglify-es

npm WARN deprecated formatio@1.1.1: This package is unmaintained. Use @sinonjs/formatio instead

npm WARN deprecated samsam@1.1.2: This package has been deprecated in favour of @sinonjs/samsam

npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js

npm WARN deprecated samsam@1.1.3: This package has been deprecated in favour of @sinonjs/samsam

npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

npm WARN deprecated circular-json@0.3.3: CircularJSON is in maintenance only, flatted is its successor.

npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js

Notably:

Gulp Mocha has a critical vulnerability (see attached for details

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)