Open rickysut opened 1 year ago
devappsteam
commented
1 year ago Hi, Run the command:
npm cache clean --force
Change versions in package.json
"node-sass": "^6.0.0" -> ^9.0.0
"gulp-sass": "4.0.2" -> 5.1.0
And then run npm update --legacy-peer-deps again.
monkeydev001
commented
10 months ago `npm audit fix
up to date, audited 1282 packages in 2s
95 packages are looking for funding
run npm fund for details
axios 0.8.1 - 1.5.1
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via npm audit fix --force
Will install browser-sync@2.23.7, which is a breaking change
node_modules/axios
localtunnel >=1.9.0
Depends on vulnerable versions of axios
node_modules/localtunnel
browser-sync >=2.24.0-rc1
Depends on vulnerable versions of localtunnel
node_modules/browser-sync
flatnest *
Severity: high
flatnest Prototype Pollution vulnerability - https://github.com/advisories/GHSA-7px2-3c2p-q4v4
fix available via npm audit fix --force
Will install gulp-file-include@0.10.0, which is a breaking change
node_modules/flatnest
gulp-file-include >=0.11.0
Depends on vulnerable versions of flatnest
node_modules/gulp-file-include
glob-parent <5.1.2
Severity: high
glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via npm audit fix --force
Will install gulp@3.9.1, which is a breaking change
node_modules/glob-stream/node_modules/glob-parent
node_modules/glob-watcher/node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of glob-parent
node_modules/glob-watcher/node_modules/chokidar
glob-watcher 3.0.0 - 5.0.5
Depends on vulnerable versions of chokidar
node_modules/glob-watcher
glob-stream 5.3.0 - 6.1.0
Depends on vulnerable versions of glob-parent
node_modules/glob-stream
vinyl-fs 2.4.2 - 3.0.3
Depends on vulnerable versions of glob-stream
node_modules/vinyl-fs
gulp >=4.0.0
Depends on vulnerable versions of glob-watcher
Depends on vulnerable versions of vinyl-fs
node_modules/gulp
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - https://github.com/advisories/GHSA-7fh5-64p2-3v2j
fix available via npm audit fix --force
Will install gulp-autoprefixer@9.0.0, which is a breaking change
node_modules/gulp-autoprefixer/node_modules/postcss
node_modules/resolve-url-loader/node_modules/postcss
autoprefixer 1.0.20131222 - 9.8.8
Depends on vulnerable versions of postcss
node_modules/gulp-autoprefixer/node_modules/autoprefixer
gulp-autoprefixer 0.0.3 - 0.0.10 || 2.2.0 - 7.0.1
Depends on vulnerable versions of autoprefixer
Depends on vulnerable versions of postcss
node_modules/gulp-autoprefixer
resolve-url-loader 0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
sweetalert2 9.17.4
sweetalert2 v9.17.4 and above contains hidden functionality - https://github.com/advisories/GHSA-pg98-6v7f-2xfv
fix available via npm audit fix
node_modules/sweetalert2
16 vulnerabilities (1 low, 7 moderate, 8 high)
To address issues that do not require attention, run: npm audit fix
To address all issues (including breaking changes), run: npm audit fix --force`
Can you help with problem?
monkeydev001
commented
10 months ago `npm audit fix
16 vulnerabilities (1 low, 7 moderate, 8 high) ............................................................................................................................................ To address issues that do not require attention, run: npm audit fix To address all issues (including breaking changes), run: npm audit fix --force`
Can you help with problem?
I update added "dart-scss": "sass resources/scss:public/css", to script section of package.json
Hi, I try installing on my mac and got error 2023-05-08T07_07_52_293Z-debug-0.log