antongolub
commented
2 years ago Hey, @Ramon404,
Have you tried v1.9.9?
Closed Ramon404 closed 2 years ago
antongolub
commented
2 years ago Hey, @Ramon404,
Have you tried v1.9.9?
antongolub
commented
2 years ago We've already pinned colors to v1.4.0 and released the fix as a part of synp@1.9.9
https://github.com/imsnif/synp/blob/master/package.json#L39
antongolub
commented
2 years ago Seems we have to deprecate all synp versions of range <1.9.9.
https://github.com/imsnif/synp/issues/86
UPD 2022-01-11 Or maybe not. It looks like npm has removed vulnerable versions of colors lib from the registry: (Semi-Official) Status Update Marak/colors.js#317
Ramon404
commented
2 years ago Hey. Sorry I've actually just uninstalled it because I had to continue with my work. I'll check later what version I had (I just installed the latest from npm), and see if v1.9.9 fixes the issue
antongolub
commented
2 years ago Everything is fine now. The issue has gone as a result of the removal of compromised colors versions from the npm registry.
Issue description:
After initially trying out the command to convert yarn.lock to package-lock.json I got those weird infinite loop of symbols on my terminal. That kept on for hours before I force stopped it. It keeps happening when I try and run other npm commands like npm run start, even after uninstalling the synp package. Please see the screenshot attached.
