How to Fix Zalgo Issue (Spamming Console) with Colors.js 1.4.1/1.4.2
Colors.js, the open source Javascript package used by 4.3 million repositories has recently been corrupted by its owner Marak. Causing the library spamming console with a bunch of garbled characters.
Ironically, the original usage of this package was to make the console more readable by adding colors and styles. Now it's doing the complete opposite.
![Colors.js](/images/JjwdZLpH8moB.623x567.jpg)
1.4.1
Fix Security Vulnerability
To fix this problem is quite simple, just pin the version of Colors.js to unaffected 1.4.0
:
"dependencies": {
...
"colors": "1.4.0",
...
}
JSON
Migrate to Chalk
Alternatively, you should consider migrating your project to more reliable packages like Chalk, which is another Node.js library focused on terminal styling. And with quite a similar API as well:
-
Colors.js
import colors from 'colors'; console.log(colors.green('This is green'));
Javascript -
Chalk
import chalk from 'chalk'; console.log(chalk.green('This is green too'));
Javascript
To install Chalk from npm:
$ npm install chalk
Notes
As of 11 Jan 2022, Colors.js has reverted versions 1.4.1
and 1.4.2
to 1.4.0
on npm:
![Versions](/images/JjwdZLlH8moB.896x548.jpg)
Check your installed Colors.js version:
$ npm ls colors
└── colors@1.4.0
Output