search

nygardk / react-share

Social media share buttons and share counts for React
MIT License
2.6k stars 430 forks source link

npm install react-share: 3 low severity vulnerabilities #479

Closed sug1no closed 1 year ago

sug1no commented 1 year ago

I have getting this error ...:

$ nvm install lts/*
v18.13.0 is already installed.
Now using node v18.13.0 (npm v8.19.3)
sug1no@ubuntu /tmp/t 
$ npm install react-share

added 8 packages, and audited 9 packages in 2s

3 low severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.
sug1no@ubuntu /tmp/t 
$ npm audit fix

up to date, audited 9 packages in 645ms

# npm audit report

debug  <3.1.0
debug Inefficient Regular Expression Complexity vulnerability - https://github.com/advisories/GHSA-9vvw-cc9w-f27h
No fix available
node_modules/debug
  jsonp  >=0.2.0
  Depends on vulnerable versions of debug
  node_modules/jsonp
    react-share  *
    Depends on vulnerable versions of jsonp
    node_modules/react-share

3 low severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Any plans to fix the jsonp / debug.js dependency?

sug1no commented 1 year ago

I don't know why, but the problem did not reappear this morning ;-p

$ npm --version
8.19.3

$ npm install react-share

added 5 packages, and audited 9 packages in 870ms

found 0 vulnerabilities
sug1no commented 1 year ago

This may have been corrected by https://github.com/expressjs/express/issues/5088#issuecomment-1379346637