相依性套件的安全性問題

安裝套件會提示 critical severity 
https://www.npmjs.com/package/@visactor/vtable?activeTab=versions
https://www.npmjs.com/package/@visactor/vdataset/v/1.0.6?activeTab=code

<img width="350" alt="Image" src="https://github.com/user-attachments/assets/21902e37-7387-4182-8d47-7b9f5b4b8b5d" />

從 package-lock.json 中可得知
**minimist -> geojson-flatten -> geojson-dissolve -> @visactor/vdataset**

@visactor/vdataset
<img width="350" alt="Image" src="https://github.com/user-attachments/assets/b862a390-638b-42e6-8683-c25ae9cca945" />

geojson-dissolve
<img width="350" alt="Image" src="https://github.com/user-attachments/assets/b475f284-e795-48c1-b645-e1da1f93e9cb" />

geojson-flatten
<img width="350" alt="Image" src="https://github.com/user-attachments/assets/32351e40-763d-4608-8829-2417c29ba332" />


想請問可以幫忙解決嗎？

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

相依性套件的安全性問題 #4023

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

相依性套件的安全性問題 #4023

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions