yarn audit showing vulnerabilities

Question

yarn audit showing vulnerabilities

sido420 opened this issue 6 years ago · 4 comments

sido420 commented 6 years ago

yarn audit is showing vulnerabilities in some of the dependencies.

sido420 commented 6 years ago

ignore

Answer 1 · 2018-11-17T15:06:29.000Z

Published version 3.0.0 (due to 93f4746) with updated dependencies.

Answer 2 · 2018-12-10T02:01:55.000Z

I'm getting the following warnings when I upgraded to 3.0.0

warning omega-supreme > request > hawk > hoek@2.16.3: This version is no longer maintained. Please upgrade to the latest version.
warning omega-supreme > request > hawk > sntp > hoek@2.16.3: This version is no longer maintained. Please upgrade to the latest version.
warning omega-supreme > request > hawk > boom@2.10.1: This version is no longer maintained. Please upgrade to the latest version.
warning omega-supreme > request > hawk > boom > hoek@2.16.3: This version is no longer maintained. Please upgrade to the latest version.
warning omega-supreme > request > hawk > cryptiles@2.0.5: This version is no longer maintained. Please upgrade to the latest version.
warning omega-supreme > request > hawk > cryptiles > boom@2.10.1: This version is no longer maintained. Please upgrade to the latest version.

Answer 3 · 2018-12-10T02:20:13.000Z

node-uuid is also not recommended

/node_modules//omega-supreme/node_modules/http-signature/package.json: "node-uuid": "^1.4.1",