npm install results in 22 vulnerabilities (4 low, 3 moderate, 11 high, 4 critical) and deprecated dependencies

sahat / hackathon-starter

A boilerplate for Node.js web applications

MIT License

34.8k stars 8.16k forks source link

npm install results in 22 vulnerabilities (4 low, 3 moderate, 11 high, 4 critical) and deprecated dependencies #1209

Closed Ckal closed 1 year ago

Ckal commented 1 year ago

When I import the projekt into clean Visual studio and run npm install from cmd line I get:

Steps to reproduce

Clone the project
run npm install from cmd

Results into ... added 861 packages, and audited 862 packages ... 22 vulnerabilities (4 low, 3 moderate, 11 high, 4 critical) .. plus 9 deprecated ones.

after npm audit fix

11 vulnerabilities (4 low, 2 moderate, 3 high, 2 critical)

Is it possible to fix or replace those?

amritavpr commented 1 year ago

trying to work on this issue

YasharF commented 1 year ago

Replaced/fixed by: https://github.com/sahat/hackathon-starter/issues/1232 https://github.com/sahat/hackathon-starter/issues/1231 https://github.com/sahat/hackathon-starter/issues/1230 https://github.com/sahat/hackathon-starter/issues/1229 https://github.com/sahat/hackathon-starter/issues/1228 https://github.com/sahat/hackathon-starter/issues/1233

https://github.com/sahat/hackathon-starter/commit/6296aa7efe6cd789dd8fd7df8898c7f0cdba7d23