Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

warnings during installation - deprecated dependencies #378

Open
ghost opened this issue Nov 25, 2016 · 6 comments
Open

warnings during installation - deprecated dependencies #378

ghost opened this issue Nov 25, 2016 · 6 comments

Comments

@ghost
Copy link

ghost commented Nov 25, 2016

npm install -g strongloop

npm WARN deprecated node-uuid@1.4.7: use uuid module instead
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
@chazzmoney
Copy link

npm install -g strongloop

npm WARN deprecated nodemailer@2.7.2: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/
npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated ejs@1.0.0: Critical security bugs fixed in 2.5.5
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@3.0.11: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated node-uuid@1.4.8: Use uuid module instead
npm WARN deprecated connect@2.30.2: connect 2.x series is deprecated
npm WARN deprecated coffee-script@1.6.3: CoffeeScript on NPM has moved to "coffeescript" (no hyphen)
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue

@chazzmoney
Copy link

"Critical security bugs" and "RegExp DoS" sound scary for a PM that is intended for use in production environments. Are these issues as concerning as they sound?

@sam-github
Copy link
Contributor

Don't install the deprecated strongloop package, do npm i -g strong-pm instead

@stale
Copy link

stale bot commented Jul 21, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Jul 21, 2021
@davidfstr
Copy link

Don't install the deprecated strongloop package, do npm i -g strong-pm instead

If the "strongloop" package is incorrect then the home page for StrongLoop Process Manager needs to be updated:
Screen Shot 2022-06-13 at 3 44 43 PM

@stale stale bot removed the stale label Jun 13, 2022
@davidfstr
Copy link

In fact according to this documentation, it might be the case that you need to install the pm2 package instead.

npm install pm2

Regardless, the home page still seems to be recommending an incorrect npm package to install.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sam-github @davidfstr @chazzmoney