Nightwatch: Bithound reports insecure dependencies

Created on 23 Aug 2017 · 7 Comments · Source: nightwatchjs/nightwatch

Bithound reports a couple of outdated dependencies for nightwatch as detailed here. In particular, the ejs version used seems the highest-risk one.

Because of it, when using the latest version of nightwatch, bithound reports my dev dependencies as insecure (bitHound Dev Dependencies).

I was wondering if there were any plans to update to a safer version of ejs.

stale

All 7 comments

Hi @obartra !

You could create a PR for this issue. EJS is only used for the html report (I think). The correction should not take so much time.

Would also be a nice time to enable Greenkeeper 👍

I tried updating it today, but it looks like there have been a couple of breaking changes since. Greenkeeper and npm lock would be nice additions.

@obartra Let me know if you need some help for the PR

@ridrum someone already started a PR, but it's failing on Travis
https://github.com/nightwatchjs/nightwatch/pull/1547

Can someone who is intimately familiar with the code have a look at the failures on https://github.com/nightwatchjs/nightwatch/pull/1547 ?

By changing hardcoded test values, I can get tests to pass, but only on one version of node.js.

Would like to get some movement on this, so I'll help in any way I can.

This issue has been automatically marked as stale because it has not had any recent activity.
If possible, please retry using the latest Nightwatch version and update the issue with any relevant details. If no further activity occurs, it will be closed. Thank you for your contribution.
