Switch cmd parser to latest minimist #1672
Conversation
|
Travis CI status did not update on the pull request, but here is a link to the passing Travis CI build: https://travis-ci.org/github/wycats/handlebars.js/builds/670392714 |
|
Will take a look ASAP |
|
Happy to take this out for a spin :) |
|
This also fixes #1673 |
|
Just to let you know, I am looking to merge and release this. I would prefer to do the node changes separately as a revert though. I then plan to revert this change on the master branch because (as you said on twitter) the yargs changes are slightly more maintainable long term. This would leave us with #1673 on master, but I've found a fix for that. |
|
I've pushed the change to split out the node changes to the PR which also has the side effect of getting the travis build to show here properly. |
|
4.7.6 is out and will hopefully solve all the issues. Thanks for taking the time to provide a solution to this tricky situation ❤️. Here's to hoping that the overbearing package security system that is the root cause gets under control soon 🤞 |
This pull request just swaps the command line parser to the latest version of minimist, which removes a couple of "regressions" (like the changed description of version and the changed position of the help option), but mainly both (1) removes the minimist security notice and (2) keeps the 4.x on the same Node.js version support plan.
I hope this pull request can be considered.