Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

some NPM modules are outdated. #485

Closed
stein2nd opened this issue Aug 4, 2023 · 2 comments
Closed

some NPM modules are outdated. #485

stein2nd opened this issue Aug 4, 2023 · 2 comments
Labels
stale

Comments

@stein2nd
Copy link

stein2nd commented Aug 4, 2023
edited
Loading

After cloning to a local drive, I ran "ncu -u" and it indicated that some NPM modules were outdated:

Upgrading [User home directory]/Documents/GitHub/environment/package.json
[====================] 41/41 100%
@types/lodash-es ^4.17.7 → ^4.17.8
@yeoman/adapter ^1.1.0 → ^1.2.0
@yeoman/conflicter ^1.0.7 → ^1.0.8
c8 ^8.0.0 → ^8.0.1
chalk ^5.2.0 → ^5.3.0
execa ^7.1.1 → ^7.2.0
fly-import ^0.3.0 → ^0.3.1
globby ^13.1.4 → ^13.2.2
mem-fs-editor ^10.0.1 → ^10.0.2
prettier ^2.8.8 → ^3.0.1
prettier-plugin-packagejson ^2.4.3 → ^2.4.5
rimraf ^5.0.0 → ^5.0.1
semver ^7.5.0 → ^7.5.4
sinon ^15.0.4 → ^15.2.0
slash ^5.0.1 → ^5.1.0
strip-ansi ^7.0.1 → ^7.1.0
typescript ^5.0.4 → ^5.1.6
xo 0.54.2 → 0.55.0

I ran "npm install" and it indicated that some depricated:

npm WARN deprecated @npmcli/[email protected]: This functionality has been moved to @npmcli/fs

image
...Maybe that fixing "fly-import" to call the latest version of "@npmcli/arborist" will eliminate this warning.

I ran "npm audit fix" and it indicated below:

npm audit report

nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
No fix available
node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/css-select
cheerio 0.19.0 - 1.0.0-rc.3
Depends on vulnerable versions of css-select
node_modules/cheerio
tui-jsdoc-template *
Depends on vulnerable versions of cheerio
node_modules/tui-jsdoc-template

4 high severity vulnerabilities

System:

  • OS: macOS 13.5
  • CPU: (12) x64 Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
  • Memory: 285.12 MB / 32.00 GB
  • Shell: 3.2.57 - /bin/bash

Binaries:

  • Node: 20.5.0 - ~/.nodebrew/current/bin/node
  • Yarn: 1.22.19 - /usr/local/bin/yarn
  • npm: 9.8.0 - ~/.nodebrew/current/bin/npm
@mshima
Copy link
Member

mshima commented Aug 4, 2023

Those are transitive dependencies, can be fixed by recreating package-lock.json.
rm -rf package-lock.json node_modules && npm install

@github-actions
Copy link
Contributor

github-actions bot commented Sep 4, 2023

This issue is stale because it has been open with no activity. Remove stale label or comment or this will be closed

@github-actions github-actions bot added the stale label Sep 4, 2023
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Sep 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stein2nd @mshima