Closed charlie632 closed 2 years ago
You can use peerDependencies
field in package.json
with
...
"peerDependencies": {
"colors":"1.4.0",
"faker":"5.3.3" //If you use it too.
},
...
then re-run npm install
this can solve my problems. :smile: Hope this works on yours... :smile:
You can use
peerDependencies
field inpackage.json
with... "peerDependencies": { "colors":"1.4.0", "faker":"5.3.3" //If you use it too. }, ...
then re-run
npm install
this can solve my problems. 😄 Hope this works on yours... 😄
You'll also have to delete your package-lock.json
or yarn.lock
before installing again
Cool, thanks @cortinico
Description
colors.js version 1.4.2 includes a very serious vulnerability. See: https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/
jscodeshift fixes it on 0.13.1 https://github.com/facebook/jscodeshift/commit/7cf9969c1fed3dcf535aebbc9986c32be9214ffc
Can
react-native-codeshift
bump to the newest version of jscodeshift without any regressions?https://github.com/facebook/react-native/blob/6be46b0bb59f2d88bc78e9a72db672bd55914fa7/packages/react-native-codegen/package.json#L23
Version
0.66.0
Output of
npx react-native info
-
Steps to reproduce
-
Snack, code example, screenshot, or link to a repository
No response