segment-boneyard / nightmare

A high-level browser automation library.
https://open.segment.com

high vulnerability when installing latest version of nightmare #1647

Open rick-james-norwex opened 2 years ago

rick-james-norwex commented 2 years ago

npm provides the following after installing nightmare latest; the workaround (since it's not actually fixing the underlying problems) was to downgrade to v2.8.1.

Unfortunately this earlier version does not appear to be functional: running the starting example code provided in the nightmare README file results in the Electron browser appearing and immediately closing. Sigh, guess it's back to using webdriver; hope one day this very promising library becomes hardened and stable.

npm audit report

electron  <=11.4.12
Severity: high
Sandboxed renderers can obtain thumbnails of arbitrary files through the nativeImage API - https://github.com/advisories/GHSA-mpjm-v997-c4h4
IPC messages delivered to the wrong frame in Electron - https://github.com/advisories/GHSA-hvf8-h2qh-37m9
Context isolation bypass via leaked cross-context objects in Electron - https://github.com/advisories/GHSA-m93v-9qjc-3g79
Context isolation bypass via Promise in Electron - https://github.com/advisories/GHSA-6vrv-94jv-crrg
fix available via `npm audit fix --force`
Will install nightmare@2.8.0, which is a breaking change
node_modules/electron
  nightmare  >=2.8.1
  Depends on vulnerable versions of electron
  node_modules/nightmare

2 vulnerabilities (1 moderate, 1 high)

To address all issues (including breaking changes), run:
  npm audit fix --force