-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NPM audit Angular project found 36 vulnerabilities (35 moderate, 1 high) #5792
Comments
Thank you for submitting the issue. @leosvelperez @Coly010 We need to update the version of buiild-angular and I think it will be fixed. |
Thank you! |
The root issue of the Moderate warnings is here: angular/angular-cli#20795. It's currently blocked on csstools/postcss-preset-env#191. The High warning is fixed in |
I changed the dependencies for new workspaces to get the latest minor versions of the Angular packages when creating the workspace. That fixes the High vulnerability since, by default, it will install at least version 12.0.2 of the There's nothing we can do with the Moderate vulnerabilities. They will be solved when the issues mentioned in this comment #5792 (comment) get resolved. When that happens, devs will need to make sure to install the appropriate version of the |
I'll close this one as is not actionable for us. The remaining vulnerabilities come from the |
This issue has been closed for more than 30 days. If this issue is still occuring, please open a new issue with more recent context. |
Current Behavior
Created the Angulyar project. Conducted an audit. Found 36 vulnerabilities (35 moderate, 1 high)
Expected Behavior
Expect the audit to find 0 vulnerabilities
Steps to Reproduce
Run
npm audit
Environment
NX Report:
The text was updated successfully, but these errors were encountered: