Open wanfuse123 opened 1 year ago
So I upgraded all the packages in the dev branch. Did not test every thing for regressions but the 2D and 3D environments seemed to be working.
After upgrading all the packages was still getting vulnerability warnings. If you remove the 2 electron packages these warnings go away.
"electron": "^22.0.0",
"electron-builder": "^22.10.3",
For now I don't think it is a big issue. The electron packages are only used to make the desktop application builds and are not included in the web pack that is served using npm run start
or npm run build
2 critical severity vulnerabilities (how do I fix)?
Some issues need review, and may require choosing a different dependency.
Run
npm audit
for details. (base) steven@Desktop-1d:/backup/jsketcher$ npm auditnpm audit report
loader-utils <1.4.1 Severity: critical Prototype pollution in webpack loader-utils - https://github.com/advisories/GHSA-76p3-8jx3-jpfq No fix available node_modules/less-vars-loader/node_modules/loader-utils less-vars-loader * Depends on vulnerable versions of loader-utils node_modules/less-vars-loader
2 critical severity vulnerabilities
Some issues need review, and may require choosing a different dependency. (base) steven@Desktop-1d:/backup/jsketcher$ npm update less-vars-loader loader-utils
up to date, audited 1049 packages in 2s
128 packages are looking for funding run
npm fund
for details2 critical severity vulnerabilities
Some issues need review, and may require choosing a different dependency.
Run
npm audit
for details.