Vulnerabilities found in package #39

Closed
4 tasks done
justindonnaruma opened this issue Jun 6, 2019 · 1 comment
Labels
enhancement New feature or request

justindonnaruma commented Jun 6, 2019

Prerequisites

Please answer the following questions for yourself before submitting an issue.

  • I am running the latest version
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed
  • I'm reporting the issue to the correct repository (for multi-repository projects)

Expected Behavior

Clean installation with no vulnerabilities.

Current Behavior

Install has 68 vulnerabilities

Steps to Reproduce

  1. Download package
  2. Unpack package to a directory
  3. cd <packageDir>
  4. npm i

Context

Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.

  • Device: Razer Blade Advanced 15" (2018)
  • Operating System: Windows 10 (Insider Build)
  • Browser and Version: Not Applicable

Failure Logs

added 2302 packages from 902 contributors and audited 37218 packages in 67.915s
found 68 vulnerabilities (63 low, 5 high)
  run `npm audit fix` to fix them, or `npm audit` for details

einazare commented Jun 7, 2019

Hello there, @justindonnaruma,

Thank you for your interest in working with our products.
Please read this thread here: creativetimofficial/material-dashboard-react#91
Also, I would like to point out that this functionality of npm, with vulnerabilities, is something new. A year ago, we didn't have this functionality, and we (when I say we, I refer to all developers who are using npm; I saw projects that were working on React 14, and they were happy with that version) were using old versions. In fact, this thing with vulnerabilities is just saying that you should update your dependencies to the latest version, but this sometimes isn't that OK, since newer versions may come with bugs. That is why a lot of developers are happier with older versions: because they work.
If I am wrong about these vulnerabilities, please share with me your thoughts.

Best,
Manu

einazare added the enhancement (New feature or request) label Jun 7, 2019