With these “bleeding-edge” dependencies in package.json:
"dependencies": {
"can-component": "canjs/can-component#master",
"can-define": "canjs/can-define#master",
"can-map": "canjs/can-map#master",
"can-map-define": "canjs/can-map-define#master",
"can-stache": "canjs/can-stache#master",
"can-view-autorender": "canjs/can-view-autorender#master",
"can-view-model": "canjs/can-view-model#master",
"can-zone": "canjs/can-zone#master",
"jquery": "~3.0.0",
},
"devDependencies": {
"documentjs": "^0.4.4",
"done-serve": "donejs/done-serve#can3",
"donejs-cli": "donejs/cli#can3",
"generator-donejs": "donejs/generator-donejs#can3",
"jshint": "^2.9.2",
"steal": "stealjs/steal#major",
"steal-css": "stealjs/steal-css#master",
"steal-stache": "canjs/steal-stache#master",
"steal-qunit": "stealjs/steal-qunit#master",
"steal-tools": "stealjs/steal-tools#major",
"testee": "bitovi/testee#update-dependencies"
}
These WARNs are generated:
npm WARN deprecated cross-spawn-async@2.2.4: cross-spawn no longer requires a build toolchain, use it instead!
npm WARN deprecated minimatch@1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated graceful-fs@3.0.8: graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. Use 'npm ls graceful-fs' to find it in the tree.
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated babel-core@5.8.14: Babel 5 is no longer being maintained. Upgrade to Babel 6.
npm WARN deprecated line-numbers@0.2.0: Copy its ~20 LOC directly into your code instead.
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated jade@0.26.3: Jade has been renamed to pug, please install the latest version of pug instead of jade
> fsevents@1.0.12 install /Users/leoj/workspace/donejs-plugin-bootstrap/node_modules/fsevents
> node-pre-gyp install --fallback-to-build
gyp WARN download NVM_NODEJS_ORG_MIRROR is deprecated and will be removed in node-gyp v4, please use NODEJS_ORG_MIRROR
gyp WARN download NVM_NODEJS_ORG_MIRROR is deprecated and will be removed in node-gyp v4, please use NODEJS_ORG_MIRROR
gyp WARN download NVM_NODEJS_ORG_MIRROR is deprecated and will be removed in node-gyp v4, please use NODEJS_ORG_MIRROR
Based on that, here’s everything that should probably be updated:
can-map-define
─┬ can-map-define@3.0.0-pre.2 (git://github.com/canjs/can-map-define.git#2533465c297654f5f879c677d7d83c029c77b7ce)
└── jquery@2.2.4 << Update to jQuery 3.0.0 >>
documentjs
─┬ documentjs@0.4.4
├─┬ chokidar@1.6.0
│ ├─┬ fsevents@1.0.12 << NVM_NODEJS_ORG_MIRROR is deprecated and will be removed in node-gyp v4 https://github.com/strongloop/fsevents/issues/136 >>
│ │ └─┬ node-pre-gyp@0.6.25
│ │ ├─┬ rimraf@2.5.2
│ │ │ └─┬ glob@7.0.3
│ │ │ ├─┬ minimatch@3.0.0 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
│ │ └─┬ tar-pack@3.1.3
│ │ ├─┬ fstream-ignore@1.0.3
│ │ │ └─┬ minimatch@3.0.0 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ cross-spawn-async@2.2.4 << cross-spawn no longer requires a build toolchain, use it instead! >>
├─┬ less@1.7.5
│ ├── graceful-fs@3.0.8 << graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. >>
├─┬ minimatch@1.0.0 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ steal-tools@0.13.6
│ ├─┬ glob@4.5.3
│ │ └── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
│ ├─┬ transpile@0.9.7
│ │ ├─┬ babel-core@5.8.14 << Babel 5 is no longer being maintained. Upgrade to Babel 6. >>
│ │ │ ├─┬ line-numbers@0.2.0 << Copy its ~20 LOC directly into your code instead. >>
│ │ │ ├── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
generator-donejs
─┬ generator-donejs@0.10.0-pre.4 (git://github.com/donejs/generator-donejs.git#6979b518fb2c34e349bd58e0cc397abafd2f4fff)
└─┬ yeoman-generator@0.20.3
├─┬ findup-sync@0.2.1
│ └─┬ glob@4.3.5
│ └── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
jshint
─┬ jshint@2.9.2
├─┬ cli@0.6.6
│ └─┬ glob@3.2.11
│ └─┬ minimatch@0.3.0 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
steal-stache
─┬ steal-stache@3.0.0-pre.2 (git://github.com/canjs/steal-stache.git#73bc376b5e41b69b45c4953fdf899c94777510a0)
└── jquery@2.2.4 << Update to jQuery 3.0.0 >>
steal-tools
─┬ steal-tools@1.0.0-beta.0 (git://github.com/stealjs/steal-tools.git#e6bc91cda9167061dbeb914bbd67c1c5fc6b58d5)
├─┬ glob@4.5.3
│ └── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ traceur@0.0.91
│ ├─┬ glob@4.3.5
│ │ └── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ istanbul@0.4.4
│ ├─┬ fileset@0.2.1
│ │ └── minimatch@2.0.10 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
├─┬ miner@0.2.1
│ ├─┬ browserstacktunnel-wrapper@1.4.2
│ │ └─┬ unzip@0.1.11
│ │ ├─┬ fstream@0.1.31
│ │ │ └── graceful-fs@3.0.8 << graceful-fs v3.0.0 and before will fail on node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible. >>
├─┬ mocha@2.5.3
│ ├─┬ glob@3.2.11
│ │ └─┬ minimatch@0.3.0 << Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue >>
│ ├─┬ jade@0.26.3 << Jade has been renamed to pug, please install the latest version of pug instead of jade >>
Which will of course probably be done by upstream maintainers in the near future.
the Issue links, like I’ve done myself, to let them know we care.