当我在我的应用程序中工作时,我注意到我有 80 个漏洞,主要是因为同行版本,比如一个要求 React 16.8.0,而我有 17.0.1 之类的东西,但另一个说:
Moderate Regular Expression Denial of Service
Package postcss
Patched in >=8.2.10
Dependency of react-scripts
Path react-scripts > postcss-preset-env >
postcss-replace-overflow-wrap > postcss
More info https://npmjs.com/advisories/1693
所以我搜索并更新了所有内容。现在我有 0 个漏洞,但我的应用程序无法运行,所以看起来无论如何它都没有漏洞。当我运行它时,它向我显示了很多像这样的消息(它只更改了在本例中显示“pseudo-class-any”的部分):
postcss-pseudo-class-any-link: postcss.plugin was deprecated. Migration guide:
https://evilmartians.com/chronicles/postcss-8-plugin-migration
然后它说:
./src/App.css (./node_modules/css-loader/dist/cjs.js??ref--5-oneOf-4-1!./node_modules/postcss-loader/src??postcss!./src/App.css)
TypeError: Cannot read property 'unprefixed' of undefined