Code vulnerabilities related to babel-plugin-inline-react-svg

[PatchesMaps]

                                                                                
                       === npm audit security report ===                        
                                                                                
┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Moderate      │ Denial of Service                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ js-yaml                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.13.0                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ babel-plugin-inline-react-svg [dev]                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ babel-plugin-inline-react-svg > svgo > js-yaml               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/788                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Code Injection                                               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ js-yaml                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=3.13.1                                                     │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ babel-plugin-inline-react-svg [dev]                          │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ babel-plugin-inline-react-svg > svgo > js-yaml               │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/813                             │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 2 vulnerabilities (1 moderate, 1 high) in 888865 scanned packages
  2 vulnerabilities require manual review. See the full report for details.

[PatchesMaps]

This seems to be the primary PR for fixing the issue in babel-plugin-inline-react-svg

[code-johnny-code]

Needs to be upgraded to [email protected]

[kcgunn]

Upgrade causes build failure: see github issue for reproduction

[akuma1]

We are deprecating ol-kit.
You may consider these alternatives:

• Use openlayers directly as recent versions of openlayers provides quite a bit of functionality out of box.
• Additionally , you can take a look at these openlayers libraries.