Jump to content
GreenSock

Search In
  • More options...
Find results that contain...
Find results in...
SteinarvDesign

GSAP installation via modules, ZIP download

Recommended Posts

Workflow in Visual Studio Code, Windows 10:

1) First I created a fresh React project with: npx create-react-app my-project

2) Then I downloaded the 'GSAP 3 with Shockingly Green bonus files' ZIP file, version 3.8.0

3) and added the gsap-bonus.tgz in the root directory of my project

4) When I installed the file with : my-project > npm install ./gsap-bonus.tgz,
    I received the message: added 1 package, and audited 1946 packages in 10s,
    58 vulnerabilities (16 moderate, 40 high, 2 critical)

5) After installation: my package.json file looks the same as in the 'module install' video.

 

How can there be that many vulnerabilities in an 'up-to-date' GSAP installation, and do I need to fix this ?

Link to comment
Share on other sites

First of all, thanks for being a Club GreenSock member!  🙌

 

I'm pretty sure those vulnerabilities have absolutely nothing to do with GSAP. The messages says "audited 1946 packages" and GSAP has absolutely zero dependencies, so it sounds like you've got a bunch of other packages installed in your project, some of which have vulnerabilities. We're not aware of any vulnerabilities in GSAP. 🤷‍♂️

Link to comment
Share on other sites

7 hours ago, SteinarvDesign said:

How can there be that many vulnerabilities in an 'up-to-date' GSAP installation, and do I need to fix this ?

 

You installed Create React App. 😉

 

Try installing it without React. GSAP has no dependencies. 

 

Link to comment
Share on other sites

7 hours ago, SteinarvDesign said:

How can there be that many vulnerabilities in an 'up-to-date' GSAP installation, and do I need to fix this ?

 

Like I mentioned above, GSAP has no dependencies, so those warnings are all for the React stuff. You can try to fix them, but it's unlikely you'll be able to get them all as create react app has a ton of dependencies.

 

If you don't mind me asking, why did you choose React? We want to improve GSAP integration with React, so we're looking for feedback on how to improve that.

 

  • Like 2
Link to comment
Share on other sites

I have been learning/practicing React w. hooks in 2021 and want to stay focused on React as much as possible.

GSAP with html, css, js, CDN files and a 'scripts' folder for the bonus plugins is the best solution so far.

 

A project with Webpack or Parcel is more problematic because of all the dependencies that the bundlers have. 
Creating a .npmrc file within my project folder and installing via: 'npm install gsap@npm:@gsap/shockingly' is a good solution, but
this solution comes with several security vulnerabilities not related to GSAP.

 

Link to comment
Share on other sites

You can try to fix those fix with with npm audit, and learn more about what the issue is and if it's even worth worrying about.

https://docs.npmjs.com/cli/v7/commands/npm-audit

 

I don't put a lot of thought into those warning because it's nearly impossible to get rid of them. Especially if I'm just running stuff locally.

 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×