← Retour aux issues

Encore des vulnérabilités lors de l'installation du projet avec NPM

publié le , mis à jour
Avatar github de tjarrosstjarross

Suite à #641, il subsiste encore des vulnéraabilités lors de l'installation des paquets. L'installation est faite sur la branche master au commit c698575:

-> cartes git:(master) $> npm install --legacy-peer-deps
npm WARN deprecated remark-footnotes@5.0.0: Deprecated: use `remark-gfm`
npm WARN deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.
npm WARN deprecated @babel/plugin-proposal-nullish-coalescing-operator@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-nullish-coalescing-operator instead.
npm WARN deprecated @babel/plugin-proposal-class-properties@7.18.6: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-class-properties instead.
npm WARN deprecated @babel/plugin-proposal-optional-chaining@7.21.0: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-optional-chaining instead.
npm WARN deprecated glob@8.1.0: Glob versions prior to v9 are no longer supported
npm WARN deprecated @babel/plugin-proposal-object-rest-spread@7.20.7: This proposal has been merged to the ECMAScript standard and thus this plugin is no longer maintained. Please use @babel/plugin-transform-object-rest-spread instead.
npm WARN deprecated babel-eslint@10.1.0: babel-eslint is now @babel/eslint-parser. This package will no longer receive updates.
npm WARN deprecated @xmldom/xmldom@0.8.3: this version has critical issues, please update to the latest version
npm WARN deprecated babel-plugin-webpack-alias@2.1.2: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

added 1425 packages, and audited 1426 packages in 2m

499 packages are looking for funding
  run `npm fund` for details

7 vulnerabilities (3 moderate, 2 high, 2 critical)

To address all issues possible (including breaking changes), run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.
✏️ Participer à la discussion