npm install presents warning about puppeteer version

astefanutti / decktape

PDF exporter for HTML presentations

MIT License

2.19k stars 176 forks source link

Closed DuaneOBrien closed 5 years ago

DuaneOBrien commented 5 years ago

npm install or npm audit raises an alert about the required version of puppeteer.

Advisory is here.

Bumping puppeteer version to 1.13 in package.json should resolve.

astefanutti commented 5 years ago

I was holding the Puppeteer upgrade because of the following constraints:

The Chromium Alpine port should be available for the version used by Puppeteer, as Decktape Docker image uses Alpine base image,
There is a regression introduced in Chromium 75 (Puppeteer 1.15.0) that affects Mac OS PDF preview: https://crbug.com/995265.

That being said, upgrading to Puppeteer 1.13.0 satisfies these two constraints and should solve the security warning.

astefanutti commented 5 years ago

It should be fixed with d0fcbe57701fd6f7a4ab220544a03ebcee13f98e.

Thanks a lot for the report!