Closed amarml17 closed 3 years ago
@c8y/cli and @angular packages are tightly coupled. So if you try to fix by changing angular version, c8y packages may not work properly. We are periodically scanning and fixing any open vulnerabilities which are not related to product/framework packages in application builder.
closing this issue since no further activity in this issue
One of our customer is using Cumulocity App builder and are seeing few vulnerability issues using @c8y/cli:1006.6.8 & @angular-devkit/build-angular": "0.803.17".
While fixing vulnerabilities errors of “@angular-devkit/build- angular by changing version, @c8y packages are getting affected. Please let us know how these vulnerability issues can be fixed.
Attached the Audit report and package.json file.
npm_audit_report.txt package.json.txt