npm deprecation warnings

[mk-pmb]

You might want to upgrade these deps:

npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated nodemailer@2.7.2: All versions below 4.0.1 of Nodemailer are deprecated. See https://nodemailer.com/status/

There may be more but I got bored watching the install so maybe I'll update the post once install finished.

[gr2m]

Thanks @mk-pmb!

It’s not as straight forward to update them. Some context

the minimatch seems to come from @hoodie/admin which we is a bit stale in its development, it’s also a sub sub sub sub sub dependency so I’m not sure how easy it will be to update for us

├─┬ @hoodie/admin@1.3.1
│ └─┬ ember-truth-helpers@1.3.0
│   └─┬ ember-cli-babel@5.2.4
│     ├─┬ broccoli-babel-transpiler@5.6.2
│     │ └─┬ babel-core@5.8.38
│     │   └── minimatch@2.0.10 

we want to remove the nodemailer dependency altogether from @hoodie/account-server and have people implement things like email reset password flows themselves via plugins

└─┬ @hoodie/server@23.0.0
  └─┬ @hoodie/account-server@6.1.0
    └── nodemailer@2.7.2

we could probably update nodemailer to v4 in @hoodie/acount-server though as its a direct dependency

[digitalhemanth]

npm install -g nodemailer

    // use this command 

[mk-pmb]

@digitalhemanth If installing a current version of the deprecated dependency globally turns off the deprecation warning on your node, I'd consider that a hint that your node might have problems with dependency resolution.

[dhuang612]

Is this something I can work on?

[gr2m]

Sure, feel free to :)

[dhuang612]

created the following PR
#891

[dhuang612]

I can start on the devDependencies next

[dhuang612]

created PR #892
for deprecation warnings under dev dependencies!

Thanks