Unmaintained Imagemin plugin has security issues and does not work with macOS M1 chip #242
Labels
🪄 Enhancement
New feature or request.
Comments
|
it would appear that even Squoosh is abandoned now too? GoogleChromeLabs/squoosh#1084 (comment) it doesn't seem like there are any healthy projects to handle this task at the moment. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We were updating our Emulsify version to more recent Storybook versions to handle NPM audit security warnings.
During this we noticed that the currently used Imagemin plugin has security issues. When digging deeper I noticed that the actual Imagemin plugin is unmaintained. It relies on the Imagemin package (npmjs.com/package/imagemin). There is an issue for the situation at github.com/imagemin/imagemin/issues/385.
The maintainer of the Imagemin plugin recommends switching to Squoosh (github.com/GoogleChromeLabs/squoosh). This plugin seems very active and it also has a Webpack plugin at squoosh-webpack-plugin.info.
I would suggest that we could also replace the current unmaintained Imagemin plugin with this alternative.
The other problem with the current plugin is that it does not compile with the newer macOS M1 chips.
The text was updated successfully, but these errors were encountered: