You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Github marked one of the dependencies "hapijs / hoek" as it is known to be a potential security problem. Can we update the dependencies or even dependencies? Or get rid of the dependence? If it even needed in the latest version?
The text was updated successfully, but these errors were encountered:
Seems that hoek is part of node-gyp. (https://stackoverflow.com/questions/39739626/what-is-node-gyp).
the contributers are already on it. nodejs/node-gyp#1502.
Since node-gyp might play a crucial role in compiling internal node or express packages I dont really know if removing it or a depency is a good idea. I'm still trying to find out if I still can force an update of hoek itself in any way.
Github marked one of the dependencies "hapijs / hoek" as it is known to be a potential security problem. Can we update the dependencies or even dependencies? Or get rid of the dependence? If it even needed in the latest version?
The text was updated successfully, but these errors were encountered: