update dependencies

Open benjtinsley opened this issue 7 years ago • 5 comments

upon installing blendid, there are several warnings related to deprecated packages:

warning blendid > [email protected]: 🙌  Thanks for using Babel: we recommend using babel-preset-env now: please read babeljs.io/env to update! 
warning blendid > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-cssnano > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-autoprefixer > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-data > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-sass > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-sequence > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp-rev-napkin > [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
warning blendid > gulp > vinyl-fs > [email protected]: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
warning blendid > gulp > vinyl-fs > glob-stream > [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning blendid > gulp-nunjucks-render > through2 > xtend > [email protected]: 
warning blendid > gulp > vinyl-fs > glob-watcher > gaze > globule > [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
warning blendid > gulp > vinyl-fs > glob-watcher > gaze > globule > glob > [email protected]: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js

these are distilled to:

  • [x] update babel-preset-es2015 to babel-preset-env
  • [x] update gulp-util (https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5)
  • [ ] check if update to gulp exists to rectify many errors
  • [ ] check if update to gulp-cssnano exists to rectify gulp-util error
  • [x] check if update to gulp-autoprefixer exists to rectify gulp-util error
  • [x] check if update to gulp-data exists to rectify gulp-util error
  • [ ] check if update to gulp-sass exists to rectify gulp-util error
  • [x] check if update to gulp-sequence exists to rectify gulp-util error
  • [x] check if update to gulp-rev-napkin exists to rectify gulp-util error
  • [x] update gulp-nunjucks-render to rectify through2 error

benjtinsley, Jan 12 '18 21:01
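
The distilling step in the post above, as an added example that is not part of the original thread or the blendid project: it groups yarn deprecation warnings by package, records the direct dependency that pulls each one in, and sorts packages with a security-related message first. The sample lines are constructed from the chains in the post, with `0.0.0` as a placeholder version because the real versions are not legible on this page; the function names are hypothetical.

```javascript
// Added example. SAMPLE is constructed; "0.0.0" is a placeholder version.
const SAMPLE = [
  'warning blendid > gulp-util@0.0.0: gulp-util is deprecated - replace it',
  'warning blendid > gulp-sass > gulp-util@0.0.0: gulp-util is deprecated - replace it',
  'warning blendid > gulp > vinyl-fs > glob-stream > minimatch@0.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue',
  'warning blendid > gulp > vinyl-fs > glob-watcher > gaze > globule > minimatch@0.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue',
  'warning blendid > gulp-nunjucks-render > through2 > xtend > object-keys@0.0.0: ',
  'info unrelated line',
].join('\n');

// Parse one "warning root > dep > ... > pkg@version: message" line.
function parseWarning(line) {
  const m = /^warning (.+?): ?(.*)$/.exec(line.trim());
  if (!m) return null;
  const parts = m[1].split(' > ');
  const last = parts[parts.length - 1];
  const at = last.lastIndexOf('@'); // lastIndexOf keeps "@scope/name" intact
  if (parts.length < 2 || at <= 0) return null; // e.g. "warning package.json: ..."
  const name = last.slice(0, at);
  return {
    name,
    version: last.slice(at + 1),
    // The entry in the root manifest that has to change to clear this warning.
    direct: parts.length === 2 ? name : parts[1],
    message: m[2],
  };
}

// Collapse all warnings into one action item per deprecated package.
function distill(text) {
  const byPackage = new Map();
  for (const line of text.split('\n')) {
    const w = parseWarning(line);
    if (!w) continue;
    const item = byPackage.get(w.name) ||
      { package: w.name, security: false, via: new Set(), count: 0 };
    item.security = item.security || /\bDoS\b|vulnerab|security/i.test(w.message);
    item.via.add(w.direct);
    item.count += 1;
    byPackage.set(w.name, item);
  }
  return [...byPackage.values()]
    .map((i) => ({ ...i, via: [...i.via].sort() }))
    .sort((a, b) => (b.security - a.security) || a.package.localeCompare(b.package));
}

console.log(JSON.stringify(distill(SAMPLE), null, 2));
```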

related to #516 & #508

benjtinsley, Jan 12 '18 21:01

gulp-sass is in the process of being updated: https://github.com/dlmanning/gulp-sass/issues/646
gulp-cssnano is in the process of being updated: https://github.com/ben-eb/gulp-cssnano/issues/92
gulp is in the process of being updated: https://github.com/gulpjs/gulp/issues/1486

will update once those remaining few are resolved

benjtinsley, Jan 19 '18 23:01

gulp-sass v4.0.0 was released, which fixes the gulp-util warning. The warnings on the gulp install can be fixed by moving to v4.0.0 as well, I believe.

Additionally, gulp-rev-replace is no longer maintained, but maintenance continues in gulp-rev-rewrite.

TheDancingCode, May 20 '18 18:05

As of now, the main thing is Gulp 4 (#578)

Snyk recommends the following:

  • upgrade open from 0.0.5 to 6.0.0
  • upgrade gulp-nunjucks-render from 2.2.2 to 2.2.3
  • upgrade webpack from 3.12.0 to 4.0.0

Snyk also turns up these warnings:

  • gulp-cssnano has security problems that would be addressed by switching to (non-gulp) cssnano
  • gulp-sass 4.0.2's node-sass 4.11.0's node-gyp 3.8.0's tar 2.2.1 is out of date
  • gulp-svgstore 7.0.1's cheerio 0.22.0's lodash.merge 4.6.1 is bad

olets, May 30 '19 20:05

Went to make a ticket for this and saw this existing one.

olets's comment hits all of the major security-related issues in the dependency chain.

angrybrad, Aug 27 '20 23:08