Giter Site home page Giter Site logo

renderkid's People

Contributors

ariaminaei avatar avivahl avatar billyjanitsch avatar bojidar-bg avatar dependabot[bot] avatar mriedem avatar rdil avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar

renderkid's Issues

Replace css-select?

We're doing legal and security audits of our dependencies and so far one of the most problematic parts is the css-select project and its dependencies. See following issues:

In many cases, there is no response from @fb55 for a long time and the issues are quite important as technically, legally, nobody should be really using packages distributed without explicit license. A code without license is to be considered proprietary by default and using such code could be easily classified as theft. This makes it problematic to use RenderKid in any company or by any individual who actually cares about licensing.

Moreover, the css-select project seems to be more or less abandoned. It seems to me @fb55's dependencies and the css-select project act as a single point of failure in your project. Even if you don't care about licensing, it's apparently naive to expect the dependencies will ever get updated, bugs fixed, etc.

Breaks Travis?

Apologies for the brief report - I don't have a lot of time to investigate this now. We seem to be getting this in our Travis build output. Has anyone else encountered this?

screen shot 2017-03-03 at 13 11 08

license issue - bump utila to 0.4.0

Hello,
we are trying to fix the licensing issues in our dependencies.
Could you please bump version of utila dependency to at least 0.4.0? The 0.4.0 version is adding LICENSE file to the package.

Also can you please also bump the utila version in archived https://github.com/AriaMinaei/dom-converter, do the new release and use it here? I see that you are the maintainer, and as long the repo is archived I cannot add issues or PR there.

Thanks a lot.

Trying to get in touch regarding a security issue

Hey there!

I'd like to report a security issue but cannot find contact instructions on your repository.

If not a hassle, might you kindly add a SECURITY.md file with an email, or another contact method? GitHub recommends this best practice to ensure security issues are responsibly disclosed, and it would serve as a simple instruction for security researchers in the future.

Thank you for your consideration, and I look forward to hearing from you!

(cc @huntr-helper)

webpack-cli] Error [ERR_REQUIRE_ESM]: require() of ES Module

[webpack-cli] Error [ERR_REQUIRE_ESM]: require() of ES Module C:\Documents\GitHub\my-vue-router-project\node_modules\strip-ansi\index.js from C:\Documents\GitHub\my-vue-router-project\node_modules\renderkid\lib\RenderKid.js not supported. Instead change the require of index.js in C:\Documents\GitHub\my-vue-router-project\node_modules\renderkid\lib\RenderKid.js to a dynamic import() which is available in all CommonJS modules. at require (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:159:20) at Object. (C:\Documents\GitHub\my-vue-router-project\node_modules\renderkid\lib\RenderKid.js:22:13) at Module._compile (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:192:30) at require (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:159:20) at Object. (C:\Documents\GitHub\my-vue-router-project\node_modules\pretty-error\lib\PrettyError.js:14:13) at Module._compile (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:192:30) at require (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:159:20) at Object. (C:\Documents\GitHub\my-vue-router-project\node_modules@masx200\webpack-react-vue-spa-awesome-config\node_modules\html-webpack-plugin\lib\errors.js:3:21) at Module._compile (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:192:30) at require (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:159:20) at Object. (C:\Documents\GitHub\my-vue-router-project\node_modules@masx200\webpack-react-vue-spa-awesome-config\node_modules\html-webpack-plugin\index.js:21:21) at Module._compile (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:192:30) at require (C:\Documents\GitHub\my-vue-router-project\node_modules\v8-compile-cache\v8-compile-cache.js:159:20) at exports.createconfig (C:\Documents\GitHub\my-vue-router-project\node_modules@masx200\webpack-react-vue-spa-awesome-config\bin\config.js:72:374) at module.exports (C:\Documents\GitHub\my-vue-router-project\webpack.config.js:7:20) at WebpackCLI.loadConfig (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:1589:33) at async Promise.all (index 0) at async WebpackCLI.resolveConfig (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:1608:35) at async WebpackCLI.createCompiler (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:2085:22) at async WebpackCLI.runWebpack (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:2213:20) at async Command. (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:850:25) at async Promise.all (index 1) at async Command. (C:\Documents\GitHub\my-vue-router-project\node_modules\webpack-cli\lib\webpack-cli.js:1516:13) { code: 'ERR_REQUIRE_ESM' }

webpack-cli error because of older version of dependency css-select

I'm migrating my app from Node 14 to Node 16 and this errors now appears.

[webpack-cli] Failed to load '/app/webpack.config.js' config
[webpack-cli] TypeError: Cannot read properties of undefined (reading 'Descendant')
at Object. (/app/node_modules/renderkid/node_modules/css-select/lib/compile.js:36:56)
at Module._compile (node:internal/modules/cjs/loader:1101:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
at Module.load (node:internal/modules/cjs/loader:981:32)
at Function.Module._load (node:internal/modules/cjs/loader:822:12)
at Module.require (node:internal/modules/cjs/loader:1005:19)
at require (node:internal/modules/cjs/helpers:102:18)
at Object. (/app/node_modules/renderkid/node_modules/css-select/lib/index.js:29:17)
at Module._compile (node:internal/modules/cjs/loader:1101:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:11[53]

I'm using this module on my app: html-webpack-plugin that has this dependency:
[email protected]
└─┬ [email protected]
└─┬ [email protected]
└── [email protected]

I believe renderkid is still using an older version of css-select 4.3.0 that is not compatible with Node 16. There is a newer version of css-select 5.1.0 that is now updated and in TS that probably works with Node 16. Could you update renderkid to use this new version os css-select, please?

Thank you.

css-select is outdated

The package currently depends on version 2 of css-select. The latest version is version 4.
And the snyk vulnerability database reports a ReDoS vulnerability in css-what (dependency of css-select), that has been patched in the latest version, but still affects codebases using renderkid due to using an older version (see https://app.snyk.io/vuln/SNYK-JS-CSSWHAT-1298035). I don't know whether that vulnerability affects the usage done in renderkid, but tools checking dependencies against a vulnerability database still report it anyway.
It would be great if css-select could be updated to the latest version.

ext[key].bind is not a function

Hi,

I am running into a strange error all of a sudden through my docker image that's using th 14-alpine image. It might have something to do with the version of domutils in renderkid? However I don't know which package is using renderkid. Does anyone know how to find all the packages that are using renderkid? Thanks in advance.

UnhandledPromiseRejectionWarning: TypeError: ext[key].bind is not a function
clientv1_1 | at /home/node/node_modules/renderkid/node_modules/domutils/index.js:12:28
clientv1_1 | at Array.forEach ()
clientv1_1 | at /home/node/node_modules/renderkid/node_modules/domutils/index.js:11:19

Here are the dependencies in my package.json. Does anyone

  "dependencies": {
    "@antv/data-set": "^0.11.4",
    "@craco/craco": "^5.6.4",
    "@ethersproject/shims": "^5.1.0",
    "@material-ui/core": "^4.10.0",
    "@material-ui/icons": "^4.9.1",
    "@material-ui/pickers": "^3.2.10",
    "@metamask/detect-provider": "^1.2.0",
    "@stripe/react-stripe-js": "1.2.0",
    "@stripe/stripe-js": "1.11.0",
    "axios": "^0.19.2",
    "bizcharts": "^4.0.3",
    "chartist": "^0.10.1",
    "cookie-parser": "^1.4.5",
    "crypto-js": "^4.0.0",
    "env-cmd": "10.1.0",
    "ethers": "^5.1.4",
    "history": "^4.9.0",
    "libsodium-wrappers": "0.7.8",
    "lodash": "^4.17.15",
    "material-ui-confirm": "^2.1.1",
    "perfect-scrollbar": "^1.4.0",
    "qs": "^6.9.4",
    "react": "^16.13.1",
    "react-bootstrap-sweetalert": "^5.1.9",
    "react-chartist": "0.14.3",
    "react-csv": "^2.0.1",
    "react-dom": "^16.13.1",
    "react-dropzone": "^11.0.1",
    "react-papaparse": "3.8.0",
    "react-redux": "^7.0.2",
    "react-router-dom": "^5.2.0",
    "react-scripts": "3.4.1",
    "react-select": "^3.0.8",
    "react-star-rating-component": "^1.4.1",
    "react-swipeable-views": "^0.13.9",
    "react-virtualized": "9.22.2",
    "redux": "^4.0.5",
    "redux-thunk": "^2.3.0",
    "shuffle-seed": "^1.1.6"
  },
  "devDependencies": {
    "node-sass": "^4.14.1",
    "nodemon": "2.0.4",
    "prop-types": "^15.7.2",
    "redux-devtools-extension": "^2.13.8",
    "@testing-library/dom": "7.5.7",
    "@testing-library/jest-dom": "^4.2.4",
    "@testing-library/react": "^9.3.2",
    "@testing-library/user-event": "^7.1.2"
  },

Recent Version bump

Hi @AriaMinaei

I noticed the recent version bump from v2.0.5 -> v2.0.6 included changes that seem pretty substantial. Specifically, I'm looking at 4a7e401 & fa6ecbd

These changes include a lot of major version updates of a bunch of packages:

  • mocha v5.2.0 -> v8.2.0
  • css-select v2.0.2 -> v4.1.3
  • htmlparser2 v3.10.1 -> v6.1.0
  • strip-ansi v3.0.0 -> v6.0.0

I'm currently using html-webpack-plugin which has the dependency pretty-error ^2.0.2 which has the dependency renderkid ^2.0.4

due to the use of ^ in the version it is pulling in v2.0.6 which has completely broke this project.

Would it be possible to change the version to be a major version bump since all of the updates that you changed are also major version bumps? so the new version would be v3.0.0 instead of v2.0.6.

Configure default terminalWidth for non TTY environment

Here in the code, the terminal width is defaulted to 80 for non-TTY terminals:

if typeof cols is 'number' && cols > 30 then cols else 80

This is causing lines to be cut when using in a context where Node is run using terminal redirection (WebStorm run console, AWS CloudWatch logs, ...)

Would it be possible to introduce an environment variable or a way to change this default value? If yes, I can open a pull-request for that.
Environment variable could be something like RENDERKID_DEFAULT_TERMINAL_WIDTH.

CVE-2021-3807 - ansi-regex-2.1.1.tgz (Vulnerable Library)

Dependency Hierarchy:

-> html-webpack-plugin-5.3.2.tgz (Root Library)

-> pretty-error-3.0.4.tgz

 -> renderkid-2.0.7.tgz

   -> strip-ansi-3.0.1.tgz

     -> ❌ ansi-regex-2.1.1.tgz (Vulnerable Library)

Suggested fix: Upgrade to version: ansi-regex - 5.0.1,6.0.1

Please help to upgrade the dependency version of strip-ansi to a newer version

Update NPM package.

The NPM package still installs the old joiful-experiments dependency.

This causes problems when Node is above v0.10.x because joiful-experiments uses the deprecated sys module instead of the util module.

For now, I will change the dependency in package.json to AriaMinaei/RenderKid but it would be nice to keep the NPM package up-to-date so I can just use renderkid.

Thanks!

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.