heads up: broken colors package #370
Comments
|
Same here. Console gets completely spammed indefinitely when running a project that uses this library. |
|
@agusterodin see Marak/colors.js#285 (comment) for some possible solutions. If needed I can prepare the relevant patch. |
|
npx marak-free |
|
I have no idea what that package is. Potentially dangerous given how weird things have been from Marak. Use caution when running commands with npx. |
|
Other seems to replace colors with chalk e.g. aws/aws-cdk#18329 maybe that's a more reliable solution. |
Not in most cases as this might lead to breaking changes. The returned strings are a bit different and parsers may behave differently. See for example cli-table/cli-table3#250 (comment) The easier and faster fix is to pin the version since you can not remove or change already published package versions. |
|
How does pinning solve the issue in a long term? In case of a future security issue you might end up locked, no idea if and how the colors package will be maintained in the future. Trust is easy to destroy and hard to recover 🤷 Just my two cents. |
I never said "longterm" fix. The longterm solution would be to switch to something like Alternatively switch to the fork (DABH is one of its previous contributors and maintainers): https://www.npmjs.com/package/@dabh/colors |
|
Ok then we talk about the same thing now :) because what I said initially was
where |
webpack/webpack#15130 (comment)
Marak/colors.js#285
The text was updated successfully, but these errors were encountered: