Hexo: Deprecated dependencies (swig & minimatch)

Created on 3 Dec 2016  ·  3Comments  ·  Source: hexojs/hexo

Environment Info

Node version(node -v)

v6.9.1

When doing a hexo init mywebsite it warns about two outdated dependencies:

npm WARN deprecated [email protected]: This package is no longer maintained
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

This should probably be looked into since both of these dependencies are HEAVILY outdated.

picture awulkan

Most helpful comment

minimatch is already updated to v3.0.0 in master so the minimatch npm warn will be gone in next publish I suppose.

Also I think you guys need to move on from swig since it's no longer maintained. What do you think?

picture tianp on 7 Dec 2016
👍5

All 3 comments

I could update those sem versions in package.json, but sadly I don't have permission to publish to npm.

NoahDragon picture NoahDragon on 5 Dec 2016

minimatch is already updated to v3.0.0 in master so the minimatch npm warn will be gone in next publish I suppose.

Also I think you guys need to move on from swig since it's no longer maintained. What do you think?

tianp picture tianp on 7 Dec 2016
👍5

@tianp Agree.

NoahDragon picture NoahDragon on 4 May 2017
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ghost picture ghost  ·  3Comments
leoli-dev picture leoli-dev  ·  3Comments
Helihua1992 picture Helihua1992  ·  3Comments
enterhuiche picture enterhuiche  ·  3Comments
testareas picture testareas  ·  3Comments