Installing Atlantis: How to get rid of 47 vulnerabilities?

UI Components for Vue
Post Reply
quilp
Posts: 1
Joined: 12 Apr 2017, 21:37

23 Sep 2022, 14:25

Hi I've just purchased the Atlantis template and tried to install it according to the documentation. The result is

47 vulnerabilities (18 moderate, 23 high, 6 critical)

After "npm audit fix":

39 vulnerabilities (17 moderate, 19 high, 3 critical)

After "npm audit fix --force" the app stops working.

A few lines from the audit report:

ejs <3.1.7
Severity: critical
ejs template injection vulnerability - https://github.com/advisories/GHSA-phwq-j96m-2c2q
fix available via `npm audit fix --force`
Will install @vue/cli-service@5.0.8, which is a breaking change

glob-parent <5.1.2
Severity: high
glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install @vue/cli-service@5.0.8, which is a breaking change

node-forge <=1.2.1
Severity: high
Will install @vue/cli-service@5.0.8, which is a breaking change

nth-check <2.0.1
Severity: high
Will install @vue/cli-service@5.0.8, which is a breaking change

prismjs <=1.24.1
Severity: high
Will install prismjs@1.29.0, which is outside the stated dependency range
.............
.............
.............

With the exception of prismjs most problems are related to Vue CLI migration from v4 to v5.

I followed these instructions: https://cli.vuejs.org/migrations/migrate-from-v4.html, however, "vue upgrade" results in ERROR:

npm ERR!
npm ERR! While resolving: atlantis-vue@2.0.0
npm ERR! Found: @vue/cli-service@5.0.8
npm ERR! node_modules/@vue/cli-service
npm ERR! dev @vue/cli-service@"~5.0.8" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer @vue/cli-service@"^3.0.0 || ^4.0.0-0" from @vue/cli-plugin-router@4.5.19
npm ERR! node_modules/@vue/cli-plugin-router
npm ERR! dev @vue/cli-plugin-router@"~4.5.0" from the root project

Would appreciate your help!

Post Reply

Return to “PrimeVue”

  • Information
  • Who is online

    Users browsing this forum: No registered users and 4 guests