I am doing npm audit on my project and I am getting
# npm audit report
d3-color <3.1.0
Severity: high
d3-color vulnerable to ReDoS -
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/d3-transition/node_modules/d3-color
node_modules/react-simple-maps/node_modules/d3-color
d3-interpolate 0.1.3 - 2.0.1
Depends on vulnerable versions of d3-color
node_modules/d3-transition/node_modules/d3-interpolate
node_modules/react-simple-maps/node_modules/d3-interpolate
d3-transition 0.0.7 - 2.0.0
Depends on vulnerable versions of d3-color
Depends on vulnerable versions of d3-interpolate
node_modules/d3-transition
d3-zoom 0.0.2 - 2.0.0
Depends on vulnerable versions of d3-interpolate
Depends on vulnerable versions of d3-transition
node_modules/react-simple-maps/node_modules/d3-zoom
react-simple-maps 2.0.0 - 3.0.0
Depends on vulnerable versions of d3-zoom
node_modules/react-simple-maps
I tried various things like using overrides, installing these child dependencies directly, but while running the application I get wierd ES module errors
Uncaught Error: require() of ES Module
I am not being able to figure out how to fix this and it seems like all these child dependencies are interlinked.
Please advise. Also please don't suggest to run npm audit fix --force, that is not I want.
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1736248825a3876843.html
评论列表(0条)