Skip to content
This repository was archived by the owner on Jan 31, 2023. It is now read-only.
This repository was archived by the owner on Jan 31, 2023. It is now read-only.

[email protected] is deprecated due to ReDos regression #63

Closed
Closed
[email protected] is deprecated due to ReDos regression#63
@nicholaschiang

Description

@nicholaschiang
nicholaschiang
opened on Mar 30, 2021
  • Operating System: Pop_OS 20.04! (Ubuntu 20.04)
  • Cypress Version: 6.8.0
  • Browser Version: Firefox 87.0

Is this a Feature or Bug?

This is a dependency bug.

Current behavior:

You're currently using [email protected] which prints installation warnings:

➤ YN0061: │ debug@npm:4.1.1 is deprecated: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 or 4.3.1. (https://github.com/visionmedia/debug/issues/797)

Desired behavior:

You should upgrade that debug dependency to get rid of that installation warning for new users.

How to reproduce:

  1. Run a fresh install of @cypress/code-coverage (which depends on this package).
  2. See installation warning.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions