Examples directory of the repository is part of the NPM package
jfcere opened this issue Β· comments
Hi there,
Thanks for the library, ASCII art ftw π
That being said, my vulnerability check reported a problem with figlet because it found an old version of jQuery that has been flagged for security issues. I was surprised at first because I thought that the library has no dependency on jQuery but after inspecting the node_modules/figlet
directory I noticed that the folder examples
that contain jQuery is part of the NPM package.
Is there any plan to remove the examples
folder from the distributed package?
Sorry, I was confused when I posted my first response (I was thinking of a little used font preloading function, but it doesn't cause jquery to be included). You were correct. I've refactored the example to not use jQuery so it's no longer included. Thanks for reporting this!
@patorjk Thanks a lot, WhiteSource doesn't report the vulnerability anymore π