Open boly38 opened 1 year ago
Hi thanks for this lib!
it seems that right now, html-pdf@3.0.1 (source) is deprecated and embeds vulnerability
└─┬ pdf-creator-node@2.3.5 └─┬ html-pdf@3.0.1 └─┬ phantomjs-prebuilt@2.1.16 └── request@2.88.2 request * Severity: moderate Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6 Depends on vulnerable versions of tough-cookie No fix available node_modules/request phantomjs-prebuilt * Depends on vulnerable versions of request node_modules/phantomjs-prebuilt html-pdf >=2.0.0 Depends on vulnerable versions of phantomjs-prebuilt node_modules/html-pdf pdf-creator-node * Depends on vulnerable versions of html-pdf node_modules/pdf-creator-node
as html-pdf is deprecated, there is a tips on npmjs page to move to puppeteer.
puppeteer
IDK really the impact :) but did you plan to migrate dep in order to fix the request moderate vulnerability ?
request
Thanks
Hi thanks for this lib!
it seems that right now, html-pdf@3.0.1 (source) is deprecated and embeds vulnerability
as html-pdf is deprecated, there is a tips on npmjs page to move to
puppeteer.IDK really the impact :) but did you plan to migrate dep in order to fix the
requestmoderate vulnerability ?Thanks