search

mattdesl / canvas-sketch

[beta] A framework for making generative artwork in JavaScript and the browser.
MIT License
4.97k stars 393 forks source link

3 high severity vulnerabilities #167

Closed andryrave closed 1 year ago

andryrave commented 1 year ago

npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead. npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

changed 673 packages, and audited 674 packages in 28s

57 packages are looking for funding run npm fund for details

3 high severity vulnerabilities

To address all issues (including breaking changes), run: npm audit fix --force

Run npm audit for details.

how can I fix it?

THANK YOU

mattdesl commented 1 year ago

I believe this should now be fixed in latest. Please update like so:

If you've previously installed the CLI tool globally: 

npm install canvas-sketch-cli@latest --global

Or locally:

npm install canvas-sketch-cli@latest --save-dev

Let me know if any issues persist.

LeonCornehl commented 1 year ago

npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead. npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

added 534 packages, and audited 535 packages in 24s

63 packages are looking for funding run npm fund for details

I also have kind of the same problem and I'm new to coding, can you please help me out? :)