Closed creativeindustriesgroup closed 1 year ago
Thanks for looking into this @jafin. Unfortunately I'm still having the same issue following the update.
npm install @tawk.to/tawk-messenger-react
added 1 package, and audited 1588 packages in 5s
7 high severity vulnerabilities
npm audit --production
# npm audit report
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
No fix available
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
node_modules/react-scripts
@tawk.to/tawk-messenger-react *
Depends on vulnerable versions of react-scripts
node_modules/@tawk.to/tawk-messenger-react
7 high severity vulnerabilities
Some issues need review, and may require choosing
a different dependency.
Hello,
Installing this library in my React App gives me high severity vulnerability warnings:
% npm audit --production
npm audit report
nth-check <2.0.1 Severity: high Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr No fix available node_modules/svgo/node_modules/nth-check ├── css-select <=3.1.0 ├── Depends on vulnerable versions of nth-check └── node_modules/svgo/node_modules/css-select ├── svgo 1.0.0 - 1.3.2 ├── Depends on vulnerable versions of css-select └── node_modules/svgo ├── @svgr/plugin-svgo <=5.5.0 ├── Depends on vulnerable versions of svgo └── node_modules/@svgr/plugin-svgo ├── @svgr/webpack 4.0.0 - 5.5.0 ├── Depends on vulnerable versions of @svgr/plugin-svgo └── node_modules/@svgr/webpack ├── react-scripts >=2.1.4 ├── Depends on vulnerable versions of @svgr/webpack └── node_modules/react-scripts ├── @tawk.to/tawk-messenger-react * ├── Depends on vulnerable versions of react-scripts └── node_modules/@tawk.to/tawk-messenger-react
7 high severity vulnerabilities
My application is running on react-scripts 5.0.1 and this error does not happen when I uninstall Tawk.to