-
Notifications
You must be signed in to change notification settings - Fork 4
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ecstatic Dependency Version #67
Comments
We will fix it ASAP. Thanks for reporting. |
@jonek The author has backported the fix to ecstatic 2.x as 2.2.2 so the existing versions depending on |
The upstream npm module has been re-published to npm and now contains a backport of a security fix. See jfhbrook/node-ecstatic@709c0f0
@jonek Will need to revert 66be537; npm just republished the old versions which has subsequently made 2.2.2 disappear. |
@cookieguru What has happened 😱? I don't get it - how can npm revert backports of a security fix and re-publish old unsecure versions? |
🤷♂️ if enough people complain to npm anything is possible!? That happened with left pad. |
Obviously npm just reverted the ecstatic repository to a state that does not contain today's releases of security relevant fixes anymore. This commit rolls back the version update from earlier today to cope with these changes at npm.
Having trouble getting the tabris-cli installed, and I just found out that currently only the latest version of ecstatic is available via npm: "4.1.2"
npm install -g tabris-cli
__
npm ERR! code ETARGET
npm ERR! notarget No matching version found for ecstatic@^2.1.0
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! notarget
npm ERR! notarget It was specified as a dependency of 'tabris-cli'
npm ERR! notarget
Assuming the cause of this is the tabris-cli ecstatic dependency version. Any thoughts?
The text was updated successfully, but these errors were encountered: