Comments (11)
marvinjaworski
commented on May 29, 2024
5
Same problem here, we are very close to a release with our software and this bug is a big problem for our compliance regulations. It would be important to fix this quickly please 🙏
from react-pdf.
davidovich9
commented on May 29, 2024
2
Temporary fix that worked for me:
- in package.json:
"resolutions": {
"pdfjs-dist": "^4.2.67"
}
- in vite.config.ts:
optimizeDeps: {
esbuildOptions: {
target: 'esnext'
}
},
build: {
target: 'esnext'
}
from react-pdf.
donovanclarke
commented on May 29, 2024
1
@davidovich9 I use react without nextjs and vite. When I set the resolution in the package.json, the message "2 high severity vulnerabilities" persists on npm install.
Are you using yarn, or npm?
yarn you can use resolutions in your package.json file.
And i believe the npm equivalent is overrides.
from react-pdf.
donovanclarke
commented on May 29, 2024
1
Using
overridesworked for us to remove the warning! What exactly is that doing to fix the issue?
Say you have package A.
And package B, C, D use A as a dependency, but they all use different versions of A.
A resolution or override basically centralizes that version to what you have in your resolution or override.
IMHO, its not a long term solution, but definitely can help out in times like this when we need to quickly get something out.
from react-pdf.
grueneerle
commented on May 29, 2024
1
The temporary override (pdfjs-dist -> 4.2.67) seems to fix the audit issues but we (@marvinjaworski ) are facing compatibility issues withreact-pdf in version 8.0.2
So until we found a solution for this, the override doesn't work in all situations.
from react-pdf.
donovanclarke
commented on May 29, 2024
Just another engineer chiming in on this 🙏🏽
Edit:
You could possibly use a resolution as a workaround. I will be testing this shortly.
from react-pdf.
bombillazo
commented on May 29, 2024
Updated my packages and got this warning as well.
from react-pdf.
marvinjaworski
commented on May 29, 2024
@davidovich9 I use react without nextjs and vite. When I set the resolution in the package.json, the message "2 high severity vulnerabilities" persists on npm install.
from react-pdf.
bombillazo
commented on May 29, 2024
Using overrides worked for us to remove the warning! What exactly is that doing to fix the issue?
from react-pdf.
donovanclarke
commented on May 29, 2024
The temporary override (
pdfjs-dist->4.2.67) seems to fix the audit issues but we (@marvinjaworski ) are facing compatibility issues withreact-pdfin version8.0.2So until we found a solution for this, the override doesn't work in all situations.
I mean you are bumping a major version of pdfjs. It is more than likely their will be some sort of breaking change.
You could try linting your project to find where the import error is happening and fix it there. You may run into the same issue even with this library updating the dependency.
from react-pdf.
a-str-o
commented on May 29, 2024
"pdfjs-dist": "3.11.174",
"react-pdf": "^0.0.10", this updated after i do npm i
nextjs app same problem
from react-pdf.
Related Issues (20)
- Text overflows vertically when trying to render tables HOT 1
- React-PDF does not work anywhere on Next.JS HOT 2
- Vite 5 + React 18 can't render PDFViewer and give blank page in iframe due to custom fonts HOT 4
- Custom font causes infinite pending of `toBlob` HOT 2
- PDFDownloadLink not working using next js HOT 3
- hasOwnProperty undefined HOT 1
- DEFAULT FONTS IS NOT WORKING HOT 9
- Image not loading after webpack & file-loader
- unable to set pdfinstance to null
- PDFDownloadLink not working using Next js HOT 2
- Error when building code for the browser with esbuild - cannot not resolve "fs", "buffer", "stream", "zlib", "path", "url" HOT 1
- compat with react 19 HOT 1
- Cloudflare worker compatibility
- ReferenceError: Buffer is not defined
- Dependency versioning HOT 1
- My use of `<PDFViewer style={PDFStyles.viewer}>` results in error that does not exist when just using `<Document>` HOT 2
- Copy and pasting Roboto font from Chrome PDF preview results in missing characters.
- Vertical Compression of Components when using wrap={false}
- Infinity Pending when using PDFDownloadLink
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from react-pdf.