Closed nicokempe closed 8 months ago
Hey Buddy,
Thanks for doing a research about the packages.
I will take a look at it in the upcoming days :)
I have created an upstream issue in the unplugin-remove package as it should be fixed there.
I will provide the package author all the help needed to resolve it.
Will keep you posted :)
Thank you very much!
Hello,
I've identified an issue in the
nuxt-security
package (version 1.0.0) related to its dependencies, specifically concerning an indirect dependency on a deprecated package.Environment
Issue Description
nuxt-security
indirectly depends on the deprecated packagesourcemap-codec@1.4.8
. This was uncovered usingpnpm why sourcemap-codec
, which traces the dependency throughnuxt-security -> unplugin-remove -> magic-string -> sourcemap-codec
.The use of deprecated dependencies could potentially lead to compatibility or security issues in the future, which is a significant concern for the reliability and security of our project.
Expected Behavior
Dependencies within
nuxt-security
should be up-to-date to ensure compatibility and security.Steps to Reproduce
nuxt-security
version 1.0.0 in a Nuxt 3 project.pnpm why sourcemap-codec
to observe the dependency chain.Could you please provide information on whether there is a plan to address this issue in a future update of
nuxt-security
?Thank you for your assistance and the work you do maintaining this package. ❤️