search

jones2000 / HQChart

HQChart - H5, 微信小程序 沪深/港股/数字货币/期货/美股 K线图(kline),走势图,缩放,拖拽,十字光标,画图工具,截图,筹码图. 分析家语法,通达信语法,(麦语法),第3方数据替换接口
https://jones2000.github.io/HQChart/webhqchart.demo/samples/kline_index_edit.html
Apache License 2.0
2.86k stars 735 forks source link

npm audit (fix) on macOS Sonoma 14.1 #169

Closed yezhengli-Mr9 closed 9 months ago

yezhengli-Mr9 commented 10 months ago 
npm install hqchart
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated acorn-dynamic-import@2.0.2: This is probably built in to whatever tool you're using. If you still need it... idk
npm WARN deprecated axios@0.16.2: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated fsevents@1.2.13: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

added 406 packages, and audited 408 packages in 35s

27 packages are looking for funding
  run `npm fund` for details

14 vulnerabilities (6 moderate, 8 high)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.
npm notice
npm notice New patch version of npm available! 10.2.3 -> 10.2.4
npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.2.4
npm notice Run npm install -g npm@10.2.4 to update!
npm notice

and not for sure npm audit, npm audit fix can resolve the problem.

OS: macOS Sonoma 14.1

jones2000 commented 10 months ago

HQChart only use jsquery, other dependent modules is for test. use 1.1.12708 version, i removed all dependent modules which is for test page.

jones2000 commented 9 months ago

image

yezhengli-Mr9 commented 9 months ago

Thanks for the response~ Not to explore in the short term, at least, not within next two weeks. Seems indeed get something fixed:

npm install hqchart
changed 1 package, and audited 5 packages in 3s
2 vulnerabilities (1 high, 1 critical)
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.