next-share icon indicating copy to clipboard operation
next-share copied to clipboard

Published 20 hours ago verified publisher icon Bunlong

"added 1060 packages" with 7 high vulnerabilities?

Open florianwalther-private opened this issue 2 years ago • 1 comments

Great and useful library! But I have a problem. When I install the latest version of this library, it adds 1060 packages with 7 high vulnerabilities. When I install v0.13.0, I only get 130 and no vulnerabilities. What's the cause of this?

florianwalther-private avatar Aug 28 '22 13:08 florianwalther-private

Same thing for us! These vulnerabilities appear from the version 0.14.0 that supports React 18. By running the audit fix --force, the library is downgraded to version 0.12.1

flux0uz avatar Sep 19 '22 10:09 flux0uz

That's quite a big deal! Hoping to get attention from maintainers to fix that.

haschdl avatar Oct 06 '22 19:10 haschdl

@florianwalther-private, @flux0uz, @haschdl

The issue was fixed in next-share version 0.18.2. Thanks!

Bunlong avatar Oct 09 '22 15:10 Bunlong

@Bunlong Well done! Thank you very much!

florianwalther-private avatar Oct 09 '22 15:10 florianwalther-private

@florianwalther-private My pleasure! Thanks!

Bunlong avatar Oct 10 '22 04:10 Bunlong