Comments (10)
The issue is not with the blues stack but with transitive dependencies. We can't do anything about those in this repo, so I'll close this issue. Feel free to open PRs in the deps to fix these issues.
from blues-stack.
Thinking out loud: should we enable dependabot for stacks?
from blues-stack.
@MichaelDeBoey no problem on my side. As I suppose these kind of warnings will trigger future remix'ers, it is still good to acknowledge it here.
It seems to be a false positive anyway: sindresorhus/trim-newlines#8 (comment)
No, it's not serious. It's just a "vulnerability" that may affect 0.0000001% of users, but waste the time of everyone.
I leave it to you to decide whether or not you want to keep the issue open ;)
from blues-stack.
@binajmen I've created a PR to remove the unused chalk-animation
dependency, which is causing this warning: remix-run/remix#2547
from blues-stack.
@machour I know @kentcdodds isn't a fan of using @dependabot, although I think it can be valuable tbh.
from blues-stack.
@binajmen I just updated all dependencies in #25 (did this for all stacks), but I still get these 4 severity vulnerabilities warnings, so nothing else we can do for now I'm afraid 🤷♂️
from blues-stack.
@binajmen Strange, as I still get them when removing node_modules
& package-lock.json
and running npm i
🤔
from blues-stack.
By false positive, I meant "classified as not a serious vulnerability" by the author.
This is supposed to be a 4 lines package 😄
sindresorhus/trim-newlines@25246c6
from blues-stack.
In the meantime: remix-run/remix#2373 (comment)
from blues-stack.
remix-run/remix#2547 is merged, so it will be released when 3.4.0
gets released.
Once that's done, we'll update the package-lock.json
of all stacks, which should fix these warnings
from blues-stack.
Related Issues (20)
- Hydration error: Initial UI does not match server HOT 3
- New Defer API does not work with blues-stack HOT 11
- When Using Express Adapter Throwing Responses will break the app HOT 1
- great repro
- Race condition in npm run dev HOT 5
- Base Repo OOMs on Fly.io HOT 7
- Fly.io -> Error: Can't reach database server HOT 7
- `npm run typecheck` fails on fresh project HOT 7
- blues-stack 2.0.0-pre.5 - LiveReload is not working HOT 2
- v2_dev leaves one node process behind after shutdown HOT 1
- Scripts variant in README to support the Yarn inclined
- Deployment issue. Node version >18 needed
- Update server.ts to watch version.txt
- Error when trying to run the docker image HOT 3
- Latest server.js code breaks HDR HOT 1
- Some URLs in the `/build` path were 404 not found after making changes in development mode HOT 1
- Vite support
- Build failed while running npm run build on blues stack HOT 2
- Install an esm package dependency
- Error Code 134 on Deploy of Base Repo HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from blues-stack.