Skip to content
This repository has been archived by the owner on May 15, 2023. It is now read-only.

Replace unmaintained dependencies #186

Open
DeeDeeG opened this issue Mar 27, 2020 · 1 comment
Open

Replace unmaintained dependencies #186

DeeDeeG opened this issue Mar 27, 2020 · 1 comment

Comments

@DeeDeeG
Copy link
Contributor

DeeDeeG commented Mar 27, 2020

Hi,

string and optimist are unmaintained. They also have vulnerability reports against them (or their own dependencies; optimist depends on an old version of minimist that is vulnerable).

Suggested replacements...

@DeeDeeG
Copy link
Contributor Author

DeeDeeG commented Mar 27, 2020

As far as I can tell string is only needed for the string.truncate function...

var strObj = require('string');

description = strObj(description).truncate(len - 50).s;

Could be replaced by .truncate from the underscore.string project? Or the truncate project (though the truncate project appears to round up from the cutoff length, whereas string's truncation appears to round down).


And apparently yargs is very similar to optimist... See this PR in another repo for an example of how to switch from optimist to yargs. https://github.com/wycats/handlebars.js/pull/1662/files

Suddenly realized optimist is an indirect dependency (of handlebars). So this is waiting on handlebars-lang/handlebars.js#1662.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant