Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do we really need this dependencies #57

Open
leonexcc opened this issue Oct 20, 2023 · 2 comments
Open

Do we really need this dependencies #57

leonexcc opened this issue Oct 20, 2023 · 2 comments

Comments

@leonexcc
Copy link

Thank you for this great code!

I have do a question: Do we really need this dependencies to use the viewer on a website?

"dependencies": {
    "@babel/polyfill": "^7.6.0",
    "autoprefixer": "^10.4.7",
    "body-scroll-lock": "^4.0.0-beta.0",
    "core-js": "^3.3.2",
    "postcss-loader": "^7.0.0"
}

As I understand, all the code in dist/ will not use this. If we need this for some reason, could we please update them to fix the NPM audit errors for postcss?

I can provide a pull request if that helps.
@kylewetton
Copy link
Owner

I mean they're there because CSS is a part of this package, body-scroll-lock is indeed needed if you're using vertical mode. I've done an audit and update, does this help you out?

@leonexcc
Copy link
Author

I also realised you need the body-scroll-lock :-).

It would help for now to upgrade the packages to a versition without security problems. I also made a fork in https://github.com/leonexcc/image-compare-viewer/tree/fix/npm-dependencies, moved all other packages and that worked for us. Maybe you could look into the other packages too.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@leonexcc @kylewetton