browser-extension

Package manager identifies warnings based on dependencies

Open BurtHarris opened this issue 2 years ago • 4 comments

npm install generates "high" vulnerabilities, but npm often creates false positives. Results when I tried:

npm WARN deprecated [email protected]: In 6. x, the babel package has been deprecated in favor of babel-cli. Check https://opencollective.com/babel to support the Babel maintainers
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please upgrade to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142

added 1203 packages, and audited 1204 packages in 23s

116 packages are looking for funding
  run `npm fund` for details

12 vulnerabilities (9 moderate, 3 high)

I also tried with yarn as it usually generates fewer false positives. Yarn said:

warning " > [email protected]" has unmet peer dependency "postcss@^8.1.0".
warning " > [email protected]" has unmet peer dependency "postcss@^7.0.0 || ^8.0.1".
warning " > [email protected]" has unmet peer dependency "postcss@^8.0.9".
warning "web-ext > addons-linter > [email protected]" has unmet peer dependency "@types/[email protected]".
warning "web-ext > addons-linter > [email protected]" has unmet peer dependency "[email protected]".
warning "web-ext > addons-linter > [email protected]" has unmet peer dependency "[email protected]".
warning "web-ext > addons-linter > [email protected]" has unmet peer dependency "[email protected]".
warning "web-ext > addons-linter > [email protected]" has unmet peer dependency "[email protected]".

BurtHarris avatar Jul 03 '22 15:07 BurtHarris

npm audit fix did minor safe (patch level) updates to clean up some of the warnings down to 9 moderate and 1 high vulnerability.

BurtHarris avatar Jul 03 '22 15:07 BurtHarris

npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating web-ext to 7.1.0, which is a SemVer major change.
npm WARN deprecated [email protected]: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

BurtHarris avatar Jul 03 '22 15:07 BurtHarris
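The difference between `npm audit fix` and `npm audit fix --force` seen in the comments above can be checked before running either, by reading the `fixAvailable` field of `npm audit --json`. The following is an added example, not code from the issue or the project; the report is a constructed sample, its package names and versions are placeholders, and `triageAudit` is a hypothetical helper name.

```javascript
// Constructed sample in the shape of `npm audit --json` output (npm 7+).
// Package names and versions are placeholders, not values from the issue.
const sampleReport = {
  auditReportVersion: 2,
  vulnerabilities: {
    "pkg-a": { severity: "high", isDirect: false, fixAvailable: true },
    "pkg-b": { severity: "moderate", isDirect: false,
      fixAvailable: { name: "parent-tool", version: "2.0.0", isSemVerMajor: true } },
    "parent-tool": { severity: "moderate", isDirect: true,
      fixAvailable: { name: "parent-tool", version: "2.0.0", isSemVerMajor: true } },
    "pkg-c": { severity: "high", isDirect: false, fixAvailable: false },
  },
};

// Group advisories by what it takes to remediate them:
//   fixAvailable === true   -> resolved by plain `npm audit fix`
//   fixAvailable is object  -> only `npm audit fix --force` applies it
//   fixAvailable === false  -> no fixed version published yet
function triageAudit(report) {
  const plan = { plainFix: [], forceFix: {}, noFix: [] };
  for (const [name, vuln] of Object.entries(report.vulnerabilities || {})) {
    const fix = vuln.fixAvailable;
    const entry = `${name} (${vuln.severity})`;
    if (fix === true) {
      plan.plainFix.push(entry);
    } else if (fix && typeof fix === "object") {
      // Key by the top-level package that would be replaced, so one
      // breaking upgrade is reviewed once for everything it resolves.
      const target = `${fix.name}@${fix.version}`;
      const group = plan.forceFix[target] ||
        (plan.forceFix[target] = { breaking: Boolean(fix.isSemVerMajor), resolves: [] });
      group.resolves.push(entry);
    } else {
      plan.noFix.push(entry);
    }
  }
  return plan;
}

console.log(JSON.stringify(triageAudit(sampleReport), null, 2));
```

Entries under `forceFix` with `breaking: true` correspond to the "SemVer major change" warning npm prints, so each one is a dependency upgrade to review and test rather than apply blindly.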

Can you send in a PR?

Debdut avatar Jul 04 '22 09:07 Debdut

This can be closed, was fixed in PR #5

ChadBailey avatar Sep 02 '22 22:09 ChadBailey