search

spotfiresoftware / spotfire-mods

Spotfire® Mods
https://spotfiresoftware.github.io/spotfire-mods/
Other
54 stars 41 forks source link

Banned outdated libraries in version 1.2 #82

Closed heberleh closed 2 years ago

heberleh commented 2 years ago

At Bayer we use a specific long term version of Spotfire, which doesn't allow us to try the most up to date mod examples.

Could you please upgrade the versions of libraries of Mods API version 1.2?

For some reason, one of the versions of the sub-dependencies is banned. Upgrading the libraries worked, but then the example was broken.

The problem occurs when trying to run npm install with outdated libs (probably with high security risk).

The package-lock was also created with an old node version.

heberleh commented 2 years ago

Turned out to be another problem with npm and authentication.

However, some libraries with critical security risks are still there and npm audit fix won't fix automatically.

objerke commented 2 years ago

We have updated all dependencies in release 1.2.1. It should now be compatible with the latest Node LTS version.