[ ] Yes, this behavior used to work in the previous version
The previous version in which this bug was not present was
No response
Description
Running npm audit on Angular v17 project causes an error output, because @angular-devkit/build-angular depends on vulnerable version of http-proxy-middleware
alan-agius4
commented
2 hours ago
Command
new
Is this a regression?
The previous version in which this bug was not present was
No response
Description
Running npm audit on Angular v17 project causes an error output, because @angular-devkit/build-angular depends on vulnerable version of http-proxy-middleware
See more details: GHSA-c7qv-q95q-8v27
Minimal Reproduction
Create new Angular v17 project. Run npm audit in the project folder
Exception or Error
No response
Your Environment
Angular CLI: 17.3.8 Node: 20.16.0 Package Manager: npm 10.8.2 OS: win32 x64
Angular: 17.3.12 ... animations, common, compiler, compiler-cli, core, forms ... language-service, platform-browser, platform-browser-dynamic ... router
Package Version
@angular-devkit/architect 0.1703.8 @angular-devkit/build-angular 17.3.10 @angular-devkit/core 17.3.8 @angular-devkit/schematics 17.3.8 @angular/cdk 17.3.10 @angular/cli 17.3.8 @schematics/angular 17.3.8 rxjs 7.8.1 typescript 5.4.5 zone.js 0.14.8
Anything else relevant?
No response