dataform-co / dataform

Dataform is a framework for managing SQL based data operations in BigQuery
https://cloud.google.com/dataform/docs
Apache License 2.0

Dataform CLI: deprecated vm2@3.9.19: critical security issues #1677

Open olga-bienkowska opened 9 months ago

olga-bienkowska commented 9 months ago

Hello,

When I run npm install -g @dataform/cli@latest, I have an error saying:

npm WARN deprecated vm2@3.9.19: The library contains critical security issues and should not be used for production! The maintenance of the project has been discontinued. Consider migrating your code to isolated-vm.

What should we do about it?

BenBirt commented 9 months ago

This is a duplicate of https://github.com/dataform-co/dataform/issues/1615.

TL;DR: we use vm2 for some useful features (basically providing an out-of-the-box execution environment). We do not rely on it for any kind of sandboxing.

We will replace it, but that work is at a low priority.
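Until the dependency is replaced, the practical question for anyone consuming the CLI is whether their own install still pulls vm2 in transitively, and at which version. The script below is an added example written for this page, not code from the dataform project or from either commenter: it walks an npm v7+ `package-lock.json` ("packages" format) with plain shell and sed (no jq needed) and reports every vm2 entry with its version, returning a non-zero status when one is found so it can gate a CI step. The lock file contents are constructed for illustration; the package name `some-cli` and its path are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the dataform project): report whether an npm
# package-lock.json (lockfileVersion 2/3, "packages" map) pins vm2, and
# which version. Only grep-free sed/case matching is used, so no jq needed.

# Write a constructed sample lock file that pulls vm2 in transitively via a
# hypothetical "some-cli" package (paths and versions are illustrative).
write_sample_lock() {
  cat > "$1" <<'EOF'
{
  "name": "sample-project",
  "lockfileVersion": 3,
  "packages": {
    "": { "name": "sample-project", "dependencies": { "some-cli": "1.0.0" } },
    "node_modules/some-cli": { "version": "1.0.0", "dependencies": { "vm2": "^3.9.19" } },
    "node_modules/some-cli/node_modules/vm2": {
      "version": "3.9.19",
      "deprecated": "The library contains critical security issues and should not be used for production!"
    }
  }
}
EOF
}

# Print "<lock path> <version>" for every vm2 entry in the lock file.
# Returns 1 when at least one vm2 entry was found, 0 when none was.
find_vm2_in_lock() {
  lock="$1"
  found=0
  current=""          # last "node_modules/..." package key seen
  while IFS= read -r line; do
    # A package entry starts with its key, e.g.  "node_modules/foo/node_modules/vm2": {
    case "$line" in
      *'"node_modules/'*'":'*)
        current=$(printf '%s' "$line" | sed -n 's/^[[:space:]]*"\([^"]*\)":.*/\1/p')
        ;;
    esac
    # While inside a vm2 entry, pick up its "version" field.
    case "$current" in
      *'/vm2')
        case "$line" in
          *'"version":'*)
            ver=$(printf '%s' "$line" | sed -n 's/.*"version":[[:space:]]*"\([^"]*\)".*/\1/p')
            printf '%s %s\n' "$current" "$ver"
            found=1
            current=""
            ;;
        esac
        ;;
    esac
  done < "$lock"
  return "$found"
}

# Stand-alone usage: write the sample lock and scan it.
if [ "${1:-}" = "--demo" ]; then
  demo="${TMPDIR:-/tmp}/sample-package-lock.json"
  write_sample_lock "$demo"
  find_vm2_in_lock "$demo" || echo "vm2 present in $demo"
fi
```

Run it against a real project with `find_vm2_in_lock ./package-lock.json` (or `sh script.sh --demo` for the constructed sample); `npm ls vm2` gives the same answer when npm is available, but the lock-file walk works in a pipeline stage that has no node toolchain installed.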