From a96c7b51e094425b6a00db83a55cc55f88a3403e Mon Sep 17 00:00:00 2001 From: Christian Clauss Date: Thu, 19 Mar 2020 02:15:40 +0100 Subject: [PATCH 1/2] node --version --- .travis.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c281373ecc..8f38739997 100644 --- a/.travis.yml +++ b/.travis.yml @@ -102,7 +102,9 @@ before_script: - npm list script: - node -e 'require("npmlog").level="verbose"; require("./lib/find-python")(null,()=>{})' - - npm test + - node --version + # Standard no longer supports Node.js v6 + - if [[ $(node --version) != 'v6.17.0' ]]; then npm test; fi - GYP_MSVS_VERSION=2015 GYP_MSVS_OVERRIDE_PATH="C:\\Dummy" python -m pytest notifications: on_success: change From 4ebbc9e43f1883dedcef045a1ca9cc24a06d6c49 Mon Sep 17 00:00:00 2001 From: Ross Harrison Date: Mon, 30 Mar 2020 14:11:31 -0500 Subject: [PATCH 2/2] dep: remove mkdirp dependency * dep: mkdirp hasn't been updated in 4 years, and node's fs library has had a recursive option for `fs` since v10.12 (oldest active LTS version). Additionally `mkdirp` depends on a version of library `minimist` that has a minor vulnerability associated. Refs: * https://nodejs.org/api/fs.html#fs_fs_mkdir_path_options_callback * https://npmjs.com/advisories/1179 --- lib/configure.js | 5 +++-- lib/install.js | 6 +++--- package.json | 1 - 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/configure.js b/lib/configure.js index 564564eea4..9fcee28d4e 100644 --- a/lib/configure.js +++ b/lib/configure.js @@ -1,10 +1,10 @@ 'use strict' +const nodeFs = require('fs') const fs = require('graceful-fs') const path = require('path') const log = require('npmlog') const os = require('os') -const mkdirp = require('mkdirp') const processRelease = require('./process-release') const win = process.platform === 'win32' const findNodeDirectory = require('./find-node-directory') @@ -73,7 +73,8 @@ function configure (gyp, argv, callback) { function createBuildDir () { log.verbose('build dir', 'attempting to create "build" dir: %s', buildDir) - mkdirp(buildDir, function (err, isNew) { + + nodeFs.mkdir(buildDir, { recursive: true }, function (err, isNew) { if (err) { return callback(err) } diff --git a/lib/install.js b/lib/install.js index c919c10588..d5ce2e75ad 100644 --- a/lib/install.js +++ b/lib/install.js @@ -1,5 +1,6 @@ 'use strict' +const nodeFs = require('fs') const fs = require('graceful-fs') const os = require('os') const tar = require('tar') @@ -8,7 +9,6 @@ const crypto = require('crypto') const log = require('npmlog') const semver = require('semver') const request = require('request') -const mkdir = require('mkdirp') const processRelease = require('./process-release') const win = process.platform === 'win32' const getProxyFromURI = require('./proxy') @@ -114,7 +114,7 @@ function install (fs, gyp, argv, callback) { log.verbose('ensuring nodedir is created', devDir) // first create the dir for the node dev files - mkdir(devDir, function (err, created) { + nodeFs.mkdir(devDir, { recursive: true }, function (err, created) { if (err) { if (err.code === 'EACCES') { eaccesFallback(err) @@ -310,7 +310,7 @@ function install (fs, gyp, argv, callback) { log.verbose(name, 'dir', dir) log.verbose(name, 'url', libUrl) - mkdir(dir, function (err) { + nodeFs.mkdir(dir, { recursive: true }, function (err) { if (err) { return done(err) } diff --git a/package.json b/package.json index 478f43cb81..bf2f933434 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,6 @@ "env-paths": "^2.2.0", "glob": "^7.1.4", "graceful-fs": "^4.2.2", - "mkdirp": "^0.5.1", "nopt": "^4.0.1", "npmlog": "^4.1.2", "request": "^2.88.0",