liborm85
commented
2 years ago pdfkit is defined in package.json, but is not used by svg-to-pdfkit: https://github.com/alafr/SVG-to-PDFKit/blob/f47005207f71a0d9c6b60939f0c8cb5a01917419/package.json#L11
pdfkit dependency could be removed and that will solve this issue.
pdfmake ->SVG-to-PDFKitmodule having vulnerabilities with following error Withdrawn: Arbitrary Code Execution in static-evalTeam can you please check this, its occurring with latest version SVG-to-PDFKit i.e 0.1.8
Ref issue: https://github.com/bpampuch/pdfmake/issues/2342