search

seydx / camera.ui

NVR like user Interface for RTSP capable cameras
https://github.com/seydx/camera.ui
MIT License
695 stars 111 forks source link

installation in window 11 #430

Open ifastech opened 1 year ago

ifastech commented 1 year ago

npm audit report

ftp-srv >=0.0.0 Severity: high Server-Side Request Forgery in ftp-srv - https://github.com/advisories/GHSA-r4m5-47cq-6qg8 No fix available node_modules/ftp-srv

jsonwebtoken <=8.5.1 Severity: moderate jsonwebtoken unrestricted key type could lead to legacy keys usage - https://github.com/advisories/GHSA-8cf7-32gw-wr33 jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - https://github.com/advisories/GHSA-hjrf-2m68-5959 jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify() - https://github.com/advisories/GHSA-qwph-4952-7xr6 No fix available node_modules/socketio-jwt/node_modules/jsonwebtoken socketio-jwt * Depends on vulnerable versions of jsonwebtoken node_modules/socketio-jwt

postcss <8.4.31 Severity: moderate PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j fix available via npm audit fix --force Will install @vue/cli-service@3.3.1, which is a breaking change node_modules/@vue/component-compiler-utils/node_modules/postcss @vue/component-compiler-utils Depends on vulnerable versions of postcss node_modules/@vue/component-compiler-utils @vue/cli-service Depends on vulnerable versions of @vue/component-compiler-utils Depends on vulnerable versions of vue-loader node_modules/@vue/cli-service vue-loader 15.0.0-beta.1 - 15.11.1 Depends on vulnerable versions of @vue/component-compiler-utils node_modules/@vue/vue-loader-v15

request Severity: moderate Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6 Depends on vulnerable versions of tough-cookie fix available via npm audit fix --force Will install node-telegram-bot-api@0.63.0, which is a breaking change node_modules/request request-promise-core Depends on vulnerable versions of request node_modules/request-promise-core @cypress/request-promise * Depends on vulnerable versions of request-promise-core node_modules/@cypress/request-promise node-telegram-bot-api >=0.64.0 Depends on vulnerable versions of @cypress/request-promise node_modules/node-telegram-bot-api

tough-cookie <4.1.3 Severity: moderate tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3 fix available via npm audit fix --force Will install node-telegram-bot-api@0.63.0, which is a breaking change node_modules/request/node_modules/tough-cookie

12 vulnerabilities (11 moderate, 1 high)

To address all issues possible (including breaking changes), run: npm audit fix --force

Some issues need review, and may require choosing a different dependency.

mkz212 commented 3 months ago

🎉 A new version of camera.ui

A new version of camera.ui is currently under active development. An initial alpha/beta release and previews are coming soon. Stay tuned for exciting updates: https://github.com/seydx/camera.ui/issues/448 .

This version will no longer be developed / fixed. The new version contains many novelties and fixes (most important is for HKSV recording).