Node Security Platform giving error for a dependency (https://github.com/indexzero/TimeSpan.js). #20
Comments
|
Thanks we will have to find where this package is used and try to update or replace it. I'm not sure it's super high priority because the developer was talking about 50,000 character log messages which are much longer than typical. I'm not sure such long messages are best practice since they would be difficult to display or read. Nevertheless it would be good to improve the regex. Feel free to submit a PR if you get to it before us. |
|
@mostlyjason The problem is that people run NSP or similar security checks at build time and the builds fail. If you could fix this, it would be awesome! |
|
@marin-liovic thanks that makes sense! |
|
This should be fixed now closing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
NSP is giving security warning for timespan package.
Here is the advisory provided:
https://nodesecurity.io/advisories/533
Here is the link to issue on the package's github
indexzero/TimeSpan.js#10
This package is no longer maintained. Latest commit was in Aug 2016.
The text was updated successfully, but these errors were encountered: