Ecstatic Dependency Version #67
Comments
|
We will fix it ASAP. Thanks for reporting. |
|
@jonek The author has backported the fix to ecstatic 2.x as 2.2.2 so the existing versions depending on |
review-squirrel
pushed a commit
that referenced
this issue
May 3, 2019
The upstream npm module has been re-published to npm and now contains a backport of a security fix. See jfhbrook/node-ecstatic@709c0f0
|
@jonek Will need to revert 66be537; npm just republished the old versions which has subsequently made 2.2.2 disappear. |
|
@cookieguru What has happened 😱? I don't get it - how can npm revert backports of a security fix and re-publish old unsecure versions? |
|
🤷♂️ if enough people complain to npm anything is possible!? That happened with left pad. |
review-squirrel
pushed a commit
that referenced
this issue
May 3, 2019
Obviously npm just reverted the ecstatic repository to a state that does not contain today's releases of security relevant fixes anymore. This commit rolls back the version update from earlier today to cope with these changes at npm.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Having trouble getting the tabris-cli installed, and I just found out that currently only the latest version of ecstatic is available via npm: "4.1.2"
npm install -g tabris-cli
__
npm ERR! code ETARGET
npm ERR! notarget No matching version found for ecstatic@^2.1.0
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! notarget
npm ERR! notarget It was specified as a dependency of 'tabris-cli'
npm ERR! notarget
Assuming the cause of this is the tabris-cli ecstatic dependency version. Any thoughts?
The text was updated successfully, but these errors were encountered: