valtyr/prisma-kysely

warning prisma-kysely > @prisma/internals > temp-write > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

Closed this issue · 6 comments

Hi, getting this issue while installing prisma-kysely in the nextjs project
warning prisma-kysely > @prisma/internals > temp-write > uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.

version:

  • "prisma-kysely": "^1.4.2",
  • "prisma": "^4.15.0",

I know it's not the issue with this package, but don't know where to report :(

valtyr commented

Thank you. I'll upgrade the dependencies asap.

corbt commented

@valtyr would you mind releasing an updated version with the deps updated? Thanks!

valtyr commented

@corbt @shakibhasan09 Hope you guys are having a nice Sunday (or whatever day it is where and when you're reading this). I've released an updated version with the newest release of Prisma, among other packages. Please note though that the code that prisma-kysely relies on shouldn't be bleeding into your runtime (famous last words, I know) since it's only a dev/build-time type generation tool. That aside, I of course want to make sure we're not relying on any vulnerable libraries, so thanks for reporting this. I'll try to be quicker to react next time.
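The claim in the comment above, that the flagged uuid copy stays in dev/build-time tooling, can be checked against a lockfile. This is an added example, not part of the thread or of prisma-kysely: it assumes an npm `package-lock.json` (lockfileVersion 2 or 3; pnpm and yarn lockfiles use different formats), and `sampleLock`, `findOldInstalls` and `shipsToProduction` are hypothetical names.

```javascript
// Constructed sample lockfile (npm lockfileVersion 3). The temp-write and
// @prisma/internals versions and the top-level uuid entry are invented.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "my-app", devDependencies: { "prisma-kysely": "^1.4.2" } },
    "node_modules/uuid": { version: "9.0.0" },
    "node_modules/prisma-kysely": { version: "1.4.2", dev: true },
    "node_modules/@prisma/internals": { version: "4.15.0", dev: true },
    "node_modules/temp-write": { version: "4.0.0", dev: true },
    "node_modules/temp-write/node_modules/uuid": { version: "3.4.0", dev: true },
  },
};

// The package name is whatever follows the last "node_modules/" in the key.
function packageName(lockPath) {
  const marker = "node_modules/";
  const idx = lockPath.lastIndexOf(marker);
  return idx === -1 ? null : lockPath.slice(idx + marker.length);
}

// Every installed copy of `name` whose major version is below `minMajor`.
function findOldInstalls(lock, name, minMajor) {
  if (!lock.packages) {
    throw new Error("expected a lockfileVersion 2 or 3 file with a 'packages' map");
  }
  const findings = [];
  for (const [lockPath, entry] of Object.entries(lock.packages)) {
    if (packageName(lockPath) !== name || !entry.version) continue;
    const major = parseInt(entry.version.split(".")[0], 10);
    if (Number.isNaN(major) || major >= minMajor) continue;
    // npm sets dev: true only when the entry is reachable solely through
    // devDependencies; anything else (including devOptional) counts as shipped.
    findings.push({ path: lockPath, version: entry.version, devOnly: entry.dev === true });
  }
  return findings;
}

// Copies that would still be installed by `npm ci --omit=dev`.
function shipsToProduction(findings) {
  return findings.filter((f) => !f.devOnly);
}

const findings = findOldInstalls(sampleLock, "uuid", 7);
console.log(findings, "production copies:", shipsToProduction(findings).length);
```

In the sample, the only uuid below version 7 is the copy nested under temp-write, and it is marked dev-only, so a production install would not include it.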

corbt commented

Thank you so much! Yes, I don't think this was causing any actual production vulnerabilities for me, just an annoying warning message every time I run pnpm install. 🙂

valtyr commented

@corbt Absolutely! They're super annoying 😵‍💫