snapsvg-cjs dependent on snapsvg which has jquery in demo folder

negomi / react-burger-menu

:hamburger: An off-canvas sidebar component with a collection of effects and styles using CSS transitions and SVG path animations

http://negomi.github.io/react-burger-menu/

MIT License

5.05k stars 586 forks source link

snapsvg-cjs dependent on snapsvg which has jquery in demo folder #355

Closed Sleepy-Joe closed 4 years ago

Sleepy-Joe commented 4 years ago

snapsvg-cjs is dependent on snapsvg which has a minified version of jquery in demo folder. This might not seem like a big deal but it fails securities findings for NIQS. The version of jquery in the demo folder is 1.9.x.

snapsvg is considered to be stable and not many updates to come. Chances are that they will not remove the file from the code just to create a new version.

I would suggest not using snapsvg and moving to svgjs which is still being actively supported and enhanced.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.