I' not very familiar with the npm ecosystem, but when running npm install to be able to build this project locally, I get the following output:
$ npm install
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
added 186 packages, and audited 187 packages in 5s
23 packages are looking for funding
run `npm fund` for details
4 vulnerabilities (2 moderate, 1 high, 1 critical)
To address all issues, run:
npm audit fix
Run `npm audit` for details.
And the npm audit output:
$ npm audit
# npm audit report
@babel/traverse <7.23.2
Severity: critical
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code - https://github.com/advisories/GHSA-67hx-6x53-jw92
fix available via `npm audit fix`
node_modules/@babel/traverse
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via `npm audit fix`
node_modules/postcss
semver 6.0.0 - 6.3.0
Severity: moderate
semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via `npm audit fix`
node_modules/semver
vite 3.0.0 - 3.2.8
Severity: high
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystem - https://github.com/advisories/GHSA-c24v-8rfc-w8vw
Vite's `server.fs.deny` did not deny requests for patterns with directories. - https://github.com/advisories/GHSA-8jhw-289h-jh2g
fix available via `npm audit fix`
node_modules/vite
4 vulnerabilities (2 moderate, 1 high, 1 critical)
To address all issues, run:
npm audit fix
I' not very familiar with the npm ecosystem, but when running
npm installto be able to build this project locally, I get the following output:And the
npm auditoutput:Maybe it's time to update some dependencies?