6 high severity vulnerabilities

Deluze / electron-vue-template

Simple Vue3 + Electron starter template in TypeScript, including ViteJS and Electron Builder

MIT License

534 stars 104 forks source link

6 high severity vulnerabilities #45

Closed bryaan closed 1 year ago

bryaan commented 1 year ago

Running npm install warns of vulns in packages. Is it safe to run npm audit fix --force to upgrade or will that cause breaking changes? I don't see this issue with standard vue/vite templates so im assuming this is related to this repo.

6 high severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.

Deluze commented 1 year ago

It looks like Electron Builder can get a bump to ^24.0 just fine, I think that should remove some severity vulnerabilities.

Deluze commented 1 year ago

Thanks for raising this issue @bryaan. I've bumped Electron Builder to newest major version (cf5d23fabe3d65bb3955dcc29fc057ec699f659c), the high severity vulnerabilities should be gone now :)