[Bug] Some components of npm that the linkis console depends on have security vulnerabilities

Question

[Bug] Some components of npm that the linkis console depends on have security vulnerabilities

Closed this issue 2 years ago · 0 comments

casionone commented 3 years ago

Search before asking

I searched the issues and found no similar issues.

Linkis Component

web

What happened + What you expected to happen

Some components of npm that the linkis console depends on have security vulnerabilities.
The compilation log of the web is as follows:

npm WARN deprecated axios@0.19.2: Critical security vulnerability fixed in v0.21.1. For more information, see https://github.com/axios/axios/pull/3410
npm WARN deprecated svgo@1.3.0: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated tar@2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
npm WARN deprecated popper.js@1.16.1: You can find the new Popper v2 at @popperjs/core, this package is dedicated to the legacy v1
npm WARN deprecated highlight.js@9.18.3: Version no longer supported. Upgrade to @latest

....
51 vulnerabilities (25 moderate, 23 high, 3 critical)

Relevent platform

none

Reproduction script

none

Anything else

No response

Are you willing to submit a PR?

Yes I am willing to submit a PR!