jsreport-phantom-pdf installation error in .net local jsreport



  • Hi

    When I try to install jsreport-phantom-pdf in .net local jsreport then getting these errors.

    
                                   Manual Review                                  
               Some vulnerabilities require your attention to resolve             
                                                                                  
            Visit https://go.npm.me/audit-guide for additional guidance           
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > hawk > boom > hoek                    
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > hawk > cryptiles > boom > hoek        
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > hawk > hoek                           
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > hawk > sntp > hoek                    
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > hawk > boom > hoek                                  
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > hawk > cryptiles > boom > hoek                      
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > hawk > hoek                                         
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       hoek                                                          
                                                                                    
    Patched in    > 4.2.0 < 5.0.0 || >= 5.0.3                                   
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > hawk > sntp > hoek                                  
                                                                                    
    More info     https://npmjs.com/advisories/566                              
                                                                                    
                                                                                    
    High          Arbitrary File Write via Archive Extraction                   
                                                                                    
    Package       adm-zip                                                       
                                                                                    
    Patched in    >=0.4.9                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > adm-zip                                         
                                                                                    
    More info     https://npmjs.com/advisories/681                              
                                                                                    
                                                                                    
    High          Arbitrary File Write via Archive Extraction                   
                                                                                    
    Package       adm-zip                                                       
                                                                                    
    Patched in    >=0.4.9                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  adm-zip                                                       
                                                                                    
    More info     https://npmjs.com/advisories/681                              
                                                                                    
                                                                                    
    Moderate      Prototype Pollution                                           
                                                                                    
    Package       lodash                                                        
                                                                                    
    Patched in    >=4.17.11                                                     
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > lodash           
                                                                                    
    More info     https://npmjs.com/advisories/782                              
                                                                                    
                                                                                    
    Low           Prototype Pollution                                           
                                                                                    
    Package       lodash                                                        
                                                                                    
    Patched in    >=4.17.5                                                      
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > lodash           
                                                                                    
    More info     https://npmjs.com/advisories/577                              
                                                                                    
                                                                                    
    Moderate      Out-of-bounds Read                                            
                                                                                    
    Package       npmconf                                                       
                                                                                    
    Patched in    >=2.1.3                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > npmconf                                         
                                                                                    
    More info     https://npmjs.com/advisories/653                              
                                                                                    
                                                                                    
    Moderate      Out-of-bounds Read                                            
                                                                                    
    Package       npmconf                                                       
                                                                                    
    Patched in    >=2.1.3                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  npmconf                                                       
                                                                                    
    More info     https://npmjs.com/advisories/653                              
                                                                                    
                                                                                    
    Moderate      Remote Memory Exposure                                        
                                                                                    
    Package       request                                                       
                                                                                    
    Patched in    >=2.68.0                                                      
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request                                         
                                                                                    
    More info     https://npmjs.com/advisories/309                              
                                                                                    
                                                                                    
    Moderate      Remote Memory Exposure                                        
                                                                                    
    Package       request                                                       
                                                                                    
    Patched in    >=2.68.0                                                      
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request                                                       
                                                                                    
    More info     https://npmjs.com/advisories/309                              
                                                                                    
                                                                                    
    Moderate      Regular Expression Denial of Service                          
                                                                                    
    Package       mime                                                          
                                                                                    
    Patched in    >= 1.4.1 < 2.0.0 || >= 2.0.3                                  
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > form-data > mime                      
                                                                                    
    More info     https://npmjs.com/advisories/535                              
                                                                                    
                                                                                    
    Moderate      Regular Expression Denial of Service                          
                                                                                    
    Package       mime                                                          
                                                                                    
    Patched in    >= 1.4.1 < 2.0.0 || >= 2.0.3                                  
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > form-data > mime                                    
                                                                                    
    More info     https://npmjs.com/advisories/535                              
                                                                                    
                                                                                    
    Moderate      Regular Expression Denial of Service                          
                                                                                    
    Package       hawk                                                          
                                                                                    
    Patched in    >=3.1.3 < 4.0.0 || >=4.1.1                                    
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > hawk                                  
                                                                                    
    More info     https://npmjs.com/advisories/77                               
                                                                                    
                                                                                    
    Moderate      Regular Expression Denial of Service                          
                                                                                    
    Package       hawk                                                          
                                                                                    
    Patched in    >=3.1.3 < 4.0.0 || >=4.1.1                                    
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > hawk                                                
                                                                                    
    More info     https://npmjs.com/advisories/77                               
                                                                                    
                                                                                    
    Moderate      Memory Exposure                                               
                                                                                    
    Package       tunnel-agent                                                  
                                                                                    
    Patched in    >=0.6.0                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantom-workers  
                  > phantomjs > request > tunnel-agent                          
                                                                                    
    More info     https://npmjs.com/advisories/598                              
                                                                                    
                                                                                    
    Moderate      Memory Exposure                                               
                                                                                    
    Package       tunnel-agent                                                  
                                                                                    
    Patched in    >=0.6.0                                                       
                                                                                    
    Dependency of jsreport-phantom-pdf                                          
                                                                                    
    Path          jsreport-phantom-pdf > phantom-html-to-pdf > phantomjs >      
                  request > tunnel-agent                                        
                                                                                    
    More info     https://npmjs.com/advisories/598                              
                                                                                    
    found 22 vulnerabilities (1 low, 19 moderate, 2 high) in 183 scanned packages
      22 vulnerabilities require manual review. See the full report for details.
    

    Any support on this would be kindly appreciated. Thank you



  • This looks, just like audit warnings. Not an actual error.



  • Thank you for the really quick answer!
    I did not find recipe phantom-pdf when run the application.



  • Above issue has fixed by using jsreport Windows platforms installation.
    But now my production and local reports have different look specially for images and font-size.Local reports have small images and font-size.Both are using phantomjs version 2.1.1 and same other setting like paper format,height.width, orientation..

    Any support on this would be kindly appreciated. Thank you



  • This behavior/bug of phantomjs is described here
    https://jsreport.net/learn/phantom-pdf#different-sizes-on-windows-vs-unix


Log in to reply
 

Looks like your connection to jsreport forum was lost, please wait while we try to reconnect.