schwarzdavid / bootstrap-email Goto Github PK

View Code? Open in Web Editor NEW

27.0 27.0 11.0 6.1 MB

License: MIT License

JavaScript 59.23% SCSS 37.38% EJS 3.39%

bootstrap-email's People

Contributors

Stargazers

Watchers

Forkers

ben-pleysier th0m4s navonod akosblazsik b9ingenieria vinialves008 tempotelecom ru4ert nilsramsperger obolify knopkem

bootstrap-email's Issues

Cannot get BootstrapEmail to load

Getting an error
...node_modules/bootstrap-email/src/assets/bootstrap-email.scss: no such file or directory

The file is definitely there.

Running on Mac M1

Crash when trying any example - cheerio TypeError: Cannot use 'in' operator to search for 'length' in false

Not sure what the issue is, but cannot get any examples to work at all...

TypeError: Cannot use 'in' operator to search for 'length' in false
at initialize (/Users/gslender/Documents/Development/web_test/node_modules/cheerio/lib/load.js:105:28)
at Function.unwrap (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/lib/ElementHelper.js:100:26)
at Element.<anonymous> (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/lib/ContentCompiler.js:63:19)
at LoadedCheerio.each (/Users/gslender/Documents/Development/web_test/node_modules/cheerio/lib/api/traversing.js:519:26)
at ContentCompiler.div (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/lib/ContentCompiler.js:59:12)
at BootstrapEmail._compileHtml (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/BootstrapEmail.js:271:20)
at BootstrapEmail.compile (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/BootstrapEmail.js:191:8)
at BootstrapEmail.compileAndSave (/Users/gslender/Documents/Development/web_test/node_modules/bootstrap-email/src/BootstrapEmail.js:205:24)
at Object.<anonymous> (/Users/gslender/Documents/Development/web_test/test.js:31:16)
at Module._compile (node:internal/modules/cjs/loader:1105:14)
at Module._extensions..js (node:internal/modules/cjs/loader:1159:10)
at Module.load (node:internal/modules/cjs/loader:981:32)
at Module._load (node:internal/modules/cjs/loader:827:12)
at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:77:12)
at node:internal/main/run_main_module:17:47

Node.js v18.0.0

Dependencies vulnerability

I'm getting a lot of vulnerabilities when installing the latest version. I tried npm audit fix but this didn't help.

ejs  <3.1.7
Severity: high
Template injection in ejs - https://github.com/advisories/GHSA-phwq-j96m-2c2q
No fix available
node_modules/ejs
  bootstrap-email  *
  Depends on vulnerable versions of ejs
  node_modules/bootstrap-email

nth-check  <2.0.1
Severity: moderate
Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr
fix available via `npm audit fix`
node_modules/juice/node_modules/nth-check
  css-select  <=3.1.0
  Depends on vulnerable versions of nth-check
  node_modules/juice/node_modules/css-select
    cheerio  0.19.0 - 1.0.0-rc.3
    Depends on vulnerable versions of css-select
    node_modules/juice/node_modules/cheerio
      juice  1.3.4 - 6.0.0
      Depends on vulnerable versions of cheerio
      node_modules/juice

6 vulnerabilities (4 moderate, 2 high)

node version 16.14.0
npm version 8.3.1

Critical vulnerability

Hello,

Looks like bootstrap-email is using vulnerable version of ejs. Could you please update?

yarn list --pattern bootstrap-email
yarn list v1.22.19
└─ [email protected]

Package
Affected versions
Patched version
ejs
(npm)
< 3.1.7
3.1.7
The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings[view options][outputFunctionName]. This is parsed as an internal option, and overwrites the outputFunctionName option with an arbitrary OS command (which is executed upon template compilation).

cheerio is not a function

Due to the latest changes in Cheerio - at least the version used in [email protected] - we're having troubles when compiling single/multiple templates.

Environment

Library version: 1.1.1
OS: OSX Big Sur
Node: 12 / 14

Expected behavior

new BootstrapEmail("foobar.html").compile()
// should return a compiled template string

Current behavior

new BootstrapEmail("foobar.html").compile()
// cheerio is not a function

The fix should be quite trivial, i.e. calling .default when requiring cheerio.

Related PRs

This has been addressed twice in the following PRs:

Vulnerability in npm audit

Hello,

I get this critical vulnerability reported by npm audit after installing the bootstrap-email package:

Critical ejs template injection vulnerability
Package ejs
Patched in >=3.1.7
Dependency of bootstrap-email
Path bootstrap-email > ejs
More info GHSA-phwq-j96m-2c2q

I got EJS updated to the latest version (3.1.9), but also tried 3.1.7 without success.

Can you help me to solve this issue?

Thanks for your reply and help in advance!

The compiler removes background-color inline style from the source

Hello,

Some how, the compiler removes from the source the background -color inline style, it not preserved it in the output result,

Any ideas how to sole this?

Thanks in advance,
Doron

node-sass dependency is an issue for developers with M1

sass/node-sass#2952

TypeError: cheerio is not a function

TypeError: cheerio is not a function
    at Function.wrapContent (c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\node_modules\bootstrap-email\src\lib\ElementHelper.js:48:20)
    at ContentCompiler.body (c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\node_modules\bootstrap-email\src\lib\ContentCompiler.js:265:17)
    at BootstrapEmail._compileHtml (c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\node_modules\bootstrap-email\src\BootstrapEmail.js:235:20)
    at BootstrapEmail.compile (c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\node_modules\bootstrap-email\src\BootstrapEmail.js:190:8)
    at BootstrapEmail.compileAndSave (c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\node_modules\bootstrap-email\src\BootstrapEmail.js:203:24)
    at c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\ts-build\src\assets\_emails\index.js:15:23
    at Array.forEach (<anonymous>)
    at c:\Users\ruper\Documents\Code\ReactTypescript\abcteam\abcteam_library_backend\ts-build\src\assets\_emails\index.js:11:122
    at FSReqCallback.oncomplete (fs.js:180:23)

Failed at the [email protected] install script.

Installation fails on dependency [email protected]

Wrong count with preview over 100 chars

I have a preview tag with over 100 chars (116 exactly) and I'm facing this issue

node_modules/bootstrap-email/lib/BootstrapEmail.js:513
preview.html(content + ' '.repeat(100 - content.length));

I think a control should be done to avoid negative count on this operation 100 - content.length

schwarzdavid / bootstrap-email Goto Github PK

bootstrap-email's People

Contributors

Stargazers

Watchers

Forkers

bootstrap-email's Issues

Cannot get BootstrapEmail to load

Crash when trying any example - cheerio TypeError: Cannot use 'in' operator to search for 'length' in false

Dependencies vulnerability

Critical vulnerability

cheerio is not a function

Vulnerability in npm audit

The compiler removes background-color inline style from the source

node-sass dependency is an issue for developers with M1

TypeError: cheerio is not a function

Failed at the [email protected] install script.

Wrong count with preview over 100 chars

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent