Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Fix SNYK-JS-ANSIREGEX-1583908 and move to ESM
See original GitHub issueIs your feature request related to a problem or a nice-to-have?? Please describe.
As of https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 my investigations lead to mocha referencing the vulnerability by peer dependencies of "wide-align": "v1.1.3" -> "string-width": "^1.0.2 || 2" -> "strip-ansi": "^4.0.0" -> "ansi-regex": "^3.0.0".
Describe the solution you’d like
Forcing @iarna to accept https://github.com/iarna/wide-align/pull/57 from @jimmywarting will update "string-width": "^5.0.1" resulting in a fix of https://snyk.io/vuln/SNYK-JS-ANSIREGEX-1583908 with peer-dependencies "strip-ansi": "^7.0.1" -> "ansi-regex": "^6.0.1". It will require some changes towards ESM on mocha-side too: https://github.com/mochajs/mocha/blob/27bfc7425fed7a9a9cadb6dabc536a0bd32abd7a/lib/cli/one-and-dones.js#L11
Describe alternatives you’ve considered
Alternatively the use of @jimmywarting branch https://github.com/jimmywarting/wide-align/tree/esm as dependency, or investigation of a replacement for string-width are thinkable.
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:10 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Sure, I can try to work on this
@dhuang612 I will publish a new release this weekend, probably. I would take over this one, unless your PR is ready within the next days. Thanks.