Skip to content
This repository has been archived by the owner on Aug 2, 2022. It is now read-only.

npm audit issue with elliptic #850

Closed
makc opened this issue Mar 24, 2021 · 3 comments
Closed

npm audit issue with elliptic #850

makc opened this issue Mar 24, 2021 · 3 comments

Comments

@makc
Copy link

makc commented Mar 24, 2021

Version of EOSJS
^21.0.3

Describe the bug
npm audit has issues with elliptic, says it was fixed in newer version

To Reproduce
Steps to reproduce the behavior:
run npm audit? in my case, this was a project with ual-anchor package, and they say the problem is on your side

Expected behavior
0 audit issues

Screenshots
@bradlhart
Copy link
Contributor

bradlhart commented Mar 24, 2021
edited
Loading

We have addressed this in the edge release of eosjs (#843) and there is a PR (#849) open to include it to the eosjs v22 release but in the meantime, you might be able to force your install to use elliptic@6.5.4 by using the resolutions field in package.json. We are certain there are no breaking changes on our end in this case if you would like to do that.

You can also choose to use eosjs@edge but it is specifically for v2.1 of nodeos (which is also in RC currently) and there might be type mismatches if you use it with an older version. See the v22 release candidate notes for more information: https://github.com/EOSIO/eosjs/releases/tag/v22.0.0-rc2

@makc
Copy link
Author

makc commented Mar 24, 2021

resolutions

they say it only works with yarn, npm does not have it ootb

@bradlhart
Copy link
Contributor

This should be resolved with the v21.0.4 patch version. Please let us know if there are any persistent problems regarding this issue to reopen.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@makc @bradlhart