Topic: Angular vulnerabilities in Angular-pro-advanced version(50)
Thirumoorthy Balasubramanian priority asked 2 years ago
Expected behavior 0 Vulnerabilities on default package Support to latest node and Angular version
Actual behavior
Default licensed package downloaded (MDB-Angular Pro Advanced version). Without adding anything just a bootstrap application default given with packages showing 50 vulnerabilities (Very high).
It is also not supporting Angular latest 13.2.0 version.. It requires old 12.2.x ..
Resources (screenshots, code snippets etc.) No Screen shot required.. Just do npm install you will get 5 High and 45 moderate vulnerabilities.
Arkadiusz Idzikowski staff answered 2 years ago
Thank you for reporting this problem, we will take a closer look at that and check what we can change on our end.
As a workaround for now please try to use npm audit fix
command to resolve vulnerability problems automatically. It is possible that we will need to add support for Angular v13 in order to resolve some of these problems. As I mentioned in your other thread, we don't know the exact date of the new major update, but it should be available in the upcoming weeks.
ak.leimrey pro commented 2 years ago
Do not bother. It is technically and logistically absolutely impossible to hit 0 vulnerabilities. NPM Audit is easily the most broken mess there is. Almost all vulnerabilities are part of the Dev environment which - unsurspringly - are NEVER shipped into the final bundle.
Thirumoorthy Balasubramanian priority commented 2 years ago
When can I expect support to 13.2.0.. Very difficult for me to downgrade all of my other dependencies.. Can I know timeline. so that I can plan to upgrade
Arkadiusz Idzikowski staff commented 2 years ago
@Thirumoorthy Balasubramanian The new major version with an update to v13 should be released within two weeks.
FREE CONSULTATION
Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.
Answered
- ForumUser: Priority
- Premium support: Yes
- Technology: MDB Angular
- MDB Version: MDB5 1.6.1
- Device: All
- Browser: All
- OS: All
- Provided sample code: No
- Provided link: No