Topic: Angular vulnerabilities in Angular-pro-advanced version(50)

Thirumoorthy Balasubramanian priority asked 2 years ago

Expected behavior 0 Vulnerabilities on default package Support to latest node and Angular version

Actual behavior

Default licensed package downloaded (MDB-Angular Pro Advanced version). Without adding anything just a bootstrap application default given with packages showing 50 vulnerabilities (Very high).

It is also not supporting Angular latest 13.2.0 version.. It requires old 12.2.x ..

Resources (screenshots, code snippets etc.) No Screen shot required.. Just do npm install you will get 5 High and 45 moderate vulnerabilities.

Arkadiusz Idzikowski staff answered 2 years ago

Thank you for reporting this problem, we will take a closer look at that and check what we can change on our end.

As a workaround for now please try to use npm audit fix command to resolve vulnerability problems automatically. It is possible that we will need to add support for Angular v13 in order to resolve some of these problems. As I mentioned in your other thread, we don't know the exact date of the new major update, but it should be available in the upcoming weeks.

ak.leimrey pro commented 2 years ago

Do not bother. It is technically and logistically absolutely impossible to hit 0 vulnerabilities. NPM Audit is easily the most broken mess there is. Almost all vulnerabilities are part of the Dev environment which - unsurspringly - are NEVER shipped into the final bundle.

Thirumoorthy Balasubramanian priority commented 2 years ago

When can I expect support to 13.2.0.. Very difficult for me to downgrade all of my other dependencies.. Can I know timeline. so that I can plan to upgrade

Arkadiusz Idzikowski staff commented 2 years ago

@Thirumoorthy Balasubramanian The new major version with an update to v13 should be released within two weeks.

Please insert min. 20 characters.


Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.



Specification of the issue

  • ForumUser: Priority
  • Premium support: Yes
  • Technology: MDB Angular
  • MDB Version: MDB5 1.6.1
  • Device: All
  • Browser: All
  • OS: All
  • Provided sample code: No
  • Provided link: No