Open kirsle opened 2 years ago
Sorry I can't help on this. fs related packages are a nightmare. I had to import file by file. I'm discovering Rivescript (yep, after the party's over, but I see so much potential in it, despite playing with nlp for years) so I can't tell for others.
OK, I gave it a try (to see if the fix I proposed about the "add" (and other) functions was working).
Even webpack@4.46.0 install is problematic nowadays:
found 24 vulnerabilities (1 low, 9 moderate, 14 high)
fixed 0 of 24 vulnerabilities in 895 scanned packages
15 vulnerabilities required manual review and could not be updated
1 package update for 9 vulnerabilities involved breaking changes
Do you think using another packaging like rollup or snowpack could work?
i think the issues lies in the node modules not so much the package manager?
a lot of them have open issues ranging from low to high when visiting their github pages but i may be misunderstanding the question.
i haven't contributed much i mainly used rivescript for a private chatbot for the last 2 years fixed issues on my own but the ones i fixed seem to not be issues now in the main js git.
GitHub regularly warns me that several dependencies in rivescript-js's tree have vulnerabilities. I have tried on a number of occasions to upgrade all the dependencies, and only end up getting myself into dependency hell.
RiveScript.js is intended to be extremely light on dependencies, with its package.json naming only three:
The babel dependencies are really only so the shell.js and unit tests and things like that work as-is in the git repo. The fs-readdir-recursive dependency could be removed by just manually writing a recursive directory scan function using the Node standard
fs
library in place of this line of code. For some reason, trying to upgrade all of these leads to chaos and vulnerabilities remain in their dependency trees in a way I have not been able to resolve.Help needed if you want to take a stab at it!
For full disclosure, the npm audit report at time of writing is as follows: