A well-structured Moleculer JS Boilerplate with Typescript, CLI, Service Helpers, Swagger, Jest support and everything you'll ever need to deploy rock solid projects. https://pankod.github.io/moleculerjs-boilerplate/
I updated to moleculer@0.14.5, moleculer-repl@0.6.4, and moleculer-web@0.9.1 as there are lodash vulnerabilities.
Dependency: NPM - lodash@4.17.10
RejectReasons (4)
Type: VULNERABILITY
Name: Prototype Pollution
Severity: high
Description: Versions of `lodash` before 4.17.5 are vulnerable to prototype pollution.
The vulnerable functions are 'defaultsDeep', 'merge', and 'mergeWith' which allow a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.
Type: VULNERABILITY
Name: Prototype Pollution
Severity: high
Description: Versions of `lodash` before 4.17.12 are vulnerable to Prototype Pollution. The function `defaultsDeep` allows a malicious user to modify the prototype of `Object` via `{constructor: {prototype: {...}}}` causing the addition or modification of an existing property that will exist on all objects.
Type: VULNERABILITY
Name: SNYK-JS-LODASH-450202
CVSS Score v3: 7.3
Severity: high
Description Link: https://snyk.io/vuln/SNYK-JS-LODASH-450202
Type: VULNERABILITY
Name: SNYK-JS-LODASH-73638
CVSS Score v3: 7.3
Severity: high
Description Link: https://snyk.io/vuln/SNYK-JS-LODASH-73638
... and I am now getting the error message:
$ npm run cli
> moleculerjs-boilerplate@1.0.0 cli I:\dev\iahub-universe
> pankod-cli add
_ __ _ _
_ _ _ __ __| | ___ / _(_)_ __ ___ __| |
| | | | '_ \ / _` |/ _ \ |_| | '_ \ / _ \/ _` |
| |_| | | | | (_| | __/ _| | | | | __/ (_| |
\__,_|_| |_|\__,_|\___|_| |_|_| |_|\___|\__,_|
» Error: The project undefined isn't supported.
npm ERR! code ELIFECYCLE
npm ERR! errno 2
npm ERR! moleculerjs-boilerplate@1.0.0 cli: `pankod-cli add`
npm ERR! Exit status 2
npm ERR!
npm ERR! Failed at the moleculerjs-boilerplate@1.0.0 cli script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\manch1uwook\AppData\Roaming\npm-cache\_logs\2020-06-19T13_37_38_826Z-debug.log
I updated to moleculer@0.14.5, moleculer-repl@0.6.4, and moleculer-web@0.9.1 as there are lodash vulnerabilities.
... and I am now getting the error message: