Comments (5)
v4.0.1 is listed on npm as deprecated, and is listed as vulnerable on this advisory: https://www.npmjs.com/advisories/1474
Yet it appears to have been patched in the same manner as v5.0.1
Could you confirm whether v4.0.1 is vulnerable, and get this advisory updated if not? Thanks!
Projects using v4.0.0 currently have no upgrade path without dropping support for Node v10.
from ammo.
How do you have version 4? What version of hapi are you using?
from ammo.
I'm not using it directly; but a transitive dependency I am using (ipfs
) as added @hapi/ammo@^4.0.0
as a dependency: https://github.com/ipfs/js-ipfs/blob/master/package.json#L70
(they are using @hapi/hapi@^18.3.2
)
from ammo.
Well they shouldn’t have. hapi 18 uses ammo 3. ammo 4 was published by mistake and is not supported.
from ammo.
Ok! Good to know.
from ammo.
Related Issues (20)
- Update deps HOT 1
- Update deps. HOT 1
- Stream early exit HOT 2
- Node 8 HOT 1
- Update hoek v6 HOT 1
- Remove engines HOT 1
- Commercial version of v2 branch HOT 1
- Change module namespace HOT 1
- Update deps HOT 1
- Action required: Greenkeeper could not be activated 🚨 HOT 1
- Drop node 8
- Add types
- Missing API on v3
- Only node 12
- Strict parsing
- Backport #37
- Backport #37
- npm Security notification
- Update deps HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ammo.