-
Notifications
You must be signed in to change notification settings - Fork 45
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
npm audit ansi-regex #108
Comments
BREAKING CHANGE: Require Node.js 8 as per https://github.com/chalk/strip-ansi/releases/tag/v6.0.0 Closes: litixsoft#108
Added PR to fix that |
Hello @Den-dp, |
@hitendra-ap so my PR is here #109 but there are some failed tests that someone should take a look at. It is up to the maintainer what to do with this PR. |
@LitixThomas would it be safe to assume that karma-mocha-reporter is no longer supported and is abandoned? |
Added CI-related fix to #109 Now it's green 🟢 |
Yes, karma-mocha-reporter is outdated and will no longer maintained. |
@LitixThomas @Den-dp Do someone is going to take over ownership of this project ? Any alternatives for this reporter ? |
Assuming that:
I hope that one day maintainers will reconsider their intent to drop this project and will find some time to merge the fix since right now it is low effort/low hanging fruit. I have no plans on forking it and publishing it to npm. |
I think the main issue here might be that in the current versions, the dependencies modules have moved to cjs to esm which might be an issue with karma. The esm karma conf file issue is still open: karma-runner/karma#3677. |
Commenting to mention I'm looking for #109 to be merged as well. Maintainers, please consider. |
I'm getting these nm audit warnings. Can you please update the dependency on ansi-regex for this module?
ansi-regex >2.1.1 <5.0.1
Severity: moderate
Inefficient Regular Expression Complexity in chalk/ansi-regex - GHSA-93q8-gq69-wqmw
fix available via
npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/inquirer-autosubmit-prompt/node_modules/ansi-regex
node_modules/inquirer-autosubmit-prompt/node_modules/string-width/node_modules/ansi-regex
node_modules/karma-mocha-reporter/node_modules/ansi-regex
node_modules/wrap-ansi/node_modules/ansi-regex
strip-ansi 4.0.0 - 5.2.0
Depends on vulnerable versions of ansi-regex
node_modules/inquirer-autosubmit-prompt/node_modules/string-width/node_modules/strip-ansi
node_modules/inquirer-autosubmit-prompt/node_modules/strip-ansi
node_modules/karma-mocha-reporter/node_modules/strip-ansi
node_modules/wrap-ansi/node_modules/strip-ansi
inquirer 3.2.0 - 7.0.4
Depends on vulnerable versions of string-width
Depends on vulnerable versions of strip-ansi
node_modules/inquirer-autosubmit-prompt/node_modules/inquirer
inquirer-autosubmit-prompt *
Depends on vulnerable versions of inquirer
node_modules/inquirer-autosubmit-prompt
listr-input >=0.2.0
Depends on vulnerable versions of inquirer-autosubmit-prompt
node_modules/listr-input
np >=4.0.0
Depends on vulnerable versions of listr
Depends on vulnerable versions of listr-input
node_modules/np
karma-mocha-reporter >=2.2.4
Depends on vulnerable versions of strip-ansi
node_modules/karma-mocha-reporter
string-width 2.1.0 - 4.1.0
Depends on vulnerable versions of strip-ansi
node_modules/inquirer-autosubmit-prompt/node_modules/string-width
node_modules/wrap-ansi/node_modules/string-width
wrap-ansi 3.0.0 - 6.1.0
Depends on vulnerable versions of string-width
Depends on vulnerable versions of strip-ansi
node_modules/wrap-ansi
log-update 2.1.0 - 3.4.0
Depends on vulnerable versions of wrap-ansi
node_modules/log-update
listr-update-renderer >=0.5.0
Depends on vulnerable versions of log-update
node_modules/listr-update-renderer
listr >=0.14.3
Depends on vulnerable versions of listr-update-renderer
node_modules/listr
12 moderate severity vulnerabilities
The text was updated successfully, but these errors were encountered: