Question
Nearly all the time I use npm to install a package, I get a warning like:
npm WARN deprecated minimatch@1.0.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
Then I install the dubious packages with the advised version number.
Is there any way to make npm do this automatically? At my own risk, of course.
Answer 1:
If you're not depending directly on the deprecated packages, you're probably not accomplishing anything by installing them directly. Whichever package depends on it is the one that needs to update its dependencies, and so on until you reach the package you're developing. Essentially: if it's important (e.g. a security problem), notify the package maintainers; if not, ignore the deprecation warning.
Source: https://stackoverflow.com/questions/38889519/how-to-deal-with-deprecation-warnings-from-npm
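To see which package actually pulls in a deprecated version, and therefore which maintainer to notify, the dependency chain can be read from the lockfile. The following is an added example, not part of the original question or answer; it assumes the `packages` map of a lockfileVersion 2 or 3 `package-lock.json`, and the sample data, the package names other than minimatch, and the function names are constructed for illustration.

```javascript
// Constructed sample shaped like package-lock.json's "packages" map; names other than minimatch are hypothetical.
const sampleLock = {
  packages: {
    "": { name: "my-app", dependencies: { "build-tool": "^2.0.0", "left-util": "^1.0.0" } },
    "node_modules/build-tool": { version: "2.1.0", dependencies: { "file-glob": "^0.3.0" } },
    "node_modules/file-glob": { version: "0.3.1", dependencies: { minimatch: "1.0.0" } },
    "node_modules/file-glob/node_modules/minimatch": { version: "1.0.0" },
    "node_modules/left-util": { version: "1.0.2", dependencies: { minimatch: "^3.0.2" } },
    "node_modules/minimatch": { version: "3.0.4" },
  },
};

// Resolve a dependency name the way Node does: nearest node_modules first, then parents.
function resolveDep(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// For every installed copy of name@version, list the dependency chains from the root project.
function chainsTo(lock, name, version) {
  const pkgs = lock.packages;
  const label = (p) => p === "" ? pkgs[""].name : p.split("node_modules/").pop() + "@" + pkgs[p].version;
  const chains = [];
  const walk = (path, trail, seen) => {
    const deps = { ...pkgs[path].dependencies, ...pkgs[path].optionalDependencies,
      ...(path === "" ? pkgs[path].devDependencies : {}) };
    for (const dep of Object.keys(deps)) {
      const target = resolveDep(pkgs, path, dep);
      if (!target || seen.has(target)) continue; // unresolved or cyclic edge
      const next = [...trail, label(target)];
      if (dep === name && pkgs[target].version === version) chains.push(next);
      else walk(target, next, new Set(seen).add(target));
    }
  };
  walk("", [label("")], new Set([""]));
  return chains;
}

// A chain of length 2 means the root depends on it directly; longer means it is transitive.
function classify(chain) {
  if (chain.length === 2) return { kind: "direct", notify: null };
  return { kind: "transitive", notify: chain[chain.length - 2] };
}
```

On a real project, pass the parsed contents of `package-lock.json` instead of `sampleLock`; `npm ls minimatch` prints the same dependency tree from the command line.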