pls stop #61
Comments
|
@Announcement I'm not sure I understand? |
|
@Announcement it's true that more recent versions of node are starting to lessen the utility of this module, but there are certainly still valid use cases for people running versions prior to v8.x. Regarding this module being "probably a giant security threat", could you expand on that? That's a pretty serious assertion. |
|
what i'm asking is, there are probably very valid reasons that this is still in existence, but i just can't come up with any realistic AND reasonable ones. @RyanZim security@jmar777 on the otherhandalthough, half way through writing this i did realize something. on the other hand is if we went the other route, and let him use the old api/usage on the newer version of node that would be very useful. |
|
@Announcement Apologies if I'm missing something, but are you under the impression that this project is io.js, perhaps? |
|
no, it's a library that makes using the old software more usable, yes? @jmar777 |
|
@Announcement Yes (depending on your definition of "usable", I suppose). I think I'm just confused regarding your reference to io.js, then. Could you provide a specific example of a security concern? Perhaps it would help if we clarified that |
|
This module makes Node.js v4, which is still getting security patches till April way easier to use. |
|
@Announcement This module's primary purpose is to expose a promisified version of the builtin Node.js API. This is something that isn't present in the latest Node.js version so this is not a shim/polyfill... Anyhow, I don't see how opening issues titled "pls stop" before even reading thru the code helps anything... |
why is it a good idea to enable "developers" to continue to use software that is long past is lifespan, and probably a giant security threat?
The text was updated successfully, but these errors were encountered: