-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added safe-buffer and updated dependencies #51
Conversation
Tracking: nodejs/node#19079 |
.travis.yml
Outdated
@@ -6,6 +6,8 @@ node_js: | |||
- '4' | |||
- '6' | |||
- '7' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we could remove this I reckon
yep, lgtm, I think you have enough perms to push through a release @mcollina |
Yes I'll do that. @ChALkeR can you check if I should backport this to the 0.9.x release line as well? |
1.x (together, hope you are backporting to 1.1 and 1.0, those are significant)
18716 modules total. 0.9
4433 modules total. 0.8
760 modules total. 0.7
202 modules total. 0.6
39 modules total. You certainly don't need backporting to 0.6, everything else is up to you =). |
@mcollina While I'm here, I also suggest considering using my polyfill instead — it would be a three byte change to this PR. |
safe-buffer is already going to be in the tree because of readable-stream and a lot of the other streams module that have been updated so far using it. I'd prefer not updating those at this time. @rvagg any opinion on the subject? |
@mcollina if this was my module, I would have backported to 0.8, I guess. If that doesn't contain security issues that are fixed in later versions by braking backwards compat — in that case, making it seem like old insecure versions are supported and giving people less reasons to migrate from those would be harmful. |
Fixes #50