So it's not done programmatically? Red (dangerous) versions are determined
manually?
Anyway, this sounds like if actively maintained, a better approach than the
similar david-dm service, which I believe only bases its output on version
numbers indiscriminately. Perhaps you can keep your list of 'must not use'
modules public.
On Wednesday, February 13, 2013, Philippe Lafoucrière wrote:
> Hi Luke,
>
> Most of the time, it's a security issue (there are a LOT of updates lately
> on rails...), but it can also be an implementation of a deprecated API
> (github API V2 for instance).
> Red ("update needed") means a dependency declared in package.json must not
> be used.
> I will read this mailing list daily to check if some issues are raised on
> some packages, and we're also following other sources. So far, we don't
> have any version marked as red for npm packages, please ping me
> (@gemnasiumapp) if you think one package should be tagged.
>
> Thanks!
>
>
> --
> Philippe Lafoucrière - CEO
> http://www.tech-angels.com
> main : +33 (0) 970 444 643
> mobile : +33 (0) 6 72 63 75 40
> fax : +33 (0) 9 72 12 78 75
>
>
>
> On Wed, Feb 13, 2013 at 9:16 PM, Luke Arduini <[email protected]>wrote:
>
> What qualifies as update needed?
>
>
> On Wednesday, February 13, 2013, Philippe Lafoucrière wrote:
>
> Hi guys,
>
> We're pleased to announce the immediate availability of Gemnasium NPM:
> https://gemnasium.com
> Gemnasium is an online tool to monitor your project dependencies, it
> was originally designed to work with ruby gems, but now features node
> packages as well.
> Gemnasium will search for a package.json at the root of projects, and
> determine if an update is needed. 3 colors are used: green (all right!),
> yellow (just outdated), red (update needed).
> It's still 100% free for opensource projects, of course.
>
> The new version also features what we call the "watchmen", ie: a bunch of
> us manually looking at changelogs to check for security issues.
> If you think a version should be tagged as fixing something very important
> (like a security hole), please feel free to contact us (@gemnasiumapp /
> [email protected]).
>
> A travis-like badge is also available for your projects, like:
> [](https://gemnasium.com/visionmedia/express)
> for express project (more formats available on the page
> https://gemnasium.com/visionmedia/express).
> Of course, your feedback is welcome, and we really hope you will find this
> product useful.
>
> Ho, one more thing... To celebrate this release, we'd like to give new
> subscribers a special coupon : VALENTINESDEP
> This coupon will bring some <3<3<3, and also 50% for 3 months (1 month is
> 100% free!).
>
> Enjoy!
> Philippe
>
>
> --
> --
> Job Board: http://jobs.nodejs.org/
> Posting guidelines:
> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
> You received this message because you are subscribed to the Google
> Groups "nodejs" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/nodejs?hl=en?hl=en
>
> ---
> You received this message because you are subscribed to the Google Groups
> "nodejs" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
> --
> --
> Job Board: http://jobs.nodejs.org/
> Posting guidelines:
> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
> You received this message because you are subscribed to the Google
> Groups "nodejs" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]
> For more options, visit this group at
> http://groups.google.com/group/nodejs?hl=en?hl=en
>
> ---
> You received this message because you are subscribed to the Google Groups
> "nodejs" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> For more options, visit <https://groups.google.com/groups/opt_out>
>
> --
> --
> Job Board: http://jobs.nodejs.org/
> Posting guidelines:
> https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
> You received this message because you are subscribed to the Google
> Groups "nodejs" group.
> To post to this group, send email to
> [email protected]<javascript:_e({}, 'cvml', '[email protected]');>
> To unsubscribe from this group, send email to
> [email protected] <javascript:_e({}, 'cvml',
> 'nodejs%[email protected]');>
> For more options, visit this group at
> http://groups.google.com/group/nodejs?hl=en?hl=en
>
> ---
> You received this message because you are subscribed to the Google Groups
> "nodejs" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected] <javascript:_e({}, 'cvml',
> 'nodejs%[email protected]');>.
> For more options, visit https://groups.google.com/groups/opt_out.
>
>
>
--
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en
---
You received this message because you are subscribed to the Google Groups
"nodejs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
