Hey All,
I downloaded reveal.js on 15.10.2018 at 10:55 as "version": "3.7.0".
Right after running npm install I get npm audit warnings, which you might want to look at to provide an even more flawless project experience. As it is just 1 high and 8 low vulnerabilities this might not be that critical but anyway ...
See below for more details. If you are already aware of it or do not find it worth looking at feel free to close this.
Best,
enosinger
... reveal.js>npm audit
=== npm audit security report ===
# Run npm install --save-dev [email protected] to resolve 9 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > engine.io > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-adapter > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-client > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-client > engine.io-client > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-adapter > socket.io-parser > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-client > socket.io-parser > debug
More info https://nodesecurity.io/advisories/534
Low Regular Expression Denial of Service
Package debug
Dependency of socket.io [dev]
Path socket.io > socket.io-parser > debug
More info https://nodesecurity.io/advisories/534
High Regular Expression Denial of Service
Package parsejson
Dependency of socket.io [dev]
Path socket.io > socket.io-client > engine.io-client > parsejson
More info https://nodesecurity.io/advisories/528
found 9 vulnerabilities (8 low, 1 high) in 2659 scanned packages
9 vulnerabilities require semver-major dependency updates.
Hello Enosinger,
What is your node.js version ?
Best,
Tigtol
can confirm (using nodesource/8.12.0)
All issues above were fixed with socket.io 2.0.2 (their dependencies)
Still needs the upgrade
upgraded to 2.2.0 in the dev branch baac3413ed2ede52359edcf03d14279bfa5d8ec7
Most helpful comment
can confirm (using nodesource/8.12.0)
All issues above were fixed with socket.io 2.0.2 (their dependencies)