Hello, I am trying to push up some new code through a pipeline that has snyk to check for vulnerabilities…npm-events-package, a dependency for mediasoup-client is causing this error…Malicious Package in npm-events-package | Snyk. Is there anyway to get this changed to ‘@types/events’ and ‘events’? Any insight would be much appreciated!
I was able to fix this for now by adding this to my main package.json…
“overrides”: {
“mediasoup-client”: {
“npm-events-package”: “events@^3.3.0”,
“@types/npm-events-package”: “@types/events@^3.0.3”
}
},
Update mediasoup-client to the latest version. This is a false alarm but anyway solver in this commit: Rename npm-events-package to events-alias (fixes #329) · versatica/mediasoup-client@bf573c7 · GitHub
1 Like