James E. King, III created THRIFT-4509:
------------------------------------------
Summary: js and nodejs libraries need to be refreshed with current
libraries
Key: THRIFT-4509
URL: https://issues.apache.org/jira/browse/THRIFT-4509
Project: Thrift
Issue Type: Improvement
Components: JavaScript - Library, Node.js - Library
Affects Versions: 0.11.0
Reporter: James E. King, III
The npm libraries that our js and nodejs depend on are starting to go end of
life.
As it stands the build is just barely holding together, and as of 5 hours ago
the "ws" package dropped support for node < 4.5.0; Ubuntu Xenial 16.04 LTS uses
node v4.2.6.
There are other issues:
{noformat}
Running "shell:InstallThriftNodeJSDep" (shell) task
WARN engine [email protected]: wanted: {"node":">=4.5.0"} (current:
{"node":"4.2.6","npm":"3.5.2"})
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher
to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or
higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher
to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or
higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: Use uuid module instead
npm WARN deprecated [email protected]: ReDoS vulnerability parsing Set-Cookie
https://nodesecurity.io/advisories/130
{noformat}
Some of these are security issues.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
