[ https://issues.apache.org/jira/browse/SENSSOFT-321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16740699#comment-16740699 ]
Joshua Poore commented on SENSSOFT-321: --------------------------------------- Non-breaking, although porting to Gulp 4.0.0 is. I'll update mocha and test. > Gulp Mocha Dependency Deprecation: Critical Command Injection Vulnerability > --------------------------------------------------------------------------- > > Key: SENSSOFT-321 > URL: https://issues.apache.org/jira/browse/SENSSOFT-321 > Project: SensSoft > Issue Type: Bug > Components: UserALE.js > Affects Versions: UserALE.js 1.0.0, UserALE.js 1.1.0 > Environment: javascript > Reporter: Joshua Poore > Assignee: Joshua Poore > Priority: Critical > Fix For: UserALE.js 1.1.0 > > Attachments: Gulp Mocha Vulnerability > > > Multiple Warnings with NPM Build through -192 branch > npm WARN deprecated babel-preset-es2015@6.24.1: 🙌 Thanks for using Babel: we > recommend using babel-preset-env now: please read babeljs.io/env to update! > {color:#FF0000}npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - > replace it, following the guidelines at > https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5{color} > npm WARN deprecated uglify-js-harmony@2.7.7: deprecated in favour of uglify-es > npm WARN deprecated formatio@1.1.1: This package is unmaintained. Use > @sinonjs/formatio instead > npm WARN deprecated samsam@1.1.2: This package has been deprecated in favour > of @sinonjs/samsam > npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for > compatibility with current and future versions of Node.js > npm WARN deprecated samsam@1.1.3: This package has been deprecated in favour > of @sinonjs/samsam > npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or > higher to avoid a RegExp DoS issue > npm WARN deprecated circular-json@0.3.3: CircularJSON is in maintenance only, > flatted is its successor. > npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or > higher to avoid a RegExp DoS issue > npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for > compatibility with current and future versions of Node.js > Notably: > Gulp Mocha has a critical vulnerability (see attached for details >  -- This message was sent by Atlassian JIRA (v7.6.3#76005)