Reputation: 786
Installing Angular material leads to almost 600 vulnerabilities audit result
I need the drag and drop capabilities from the @angular/material module, but when I install it using angular cli, a bunch of vulnerabilities come out of the audit. The program works, but if I try to run npm audit fix, there is an error that the angular cli compiler module is not found.
How do I properly fix the vulnerabilities? npm update did not work.
Here's the output of ng --version:
Angular CLI: 7.2.4
Node: 10.16.1
OS: linux x64
Angular: 7.2.15
... animations, common, compiler, compiler-cli, core, forms
... http, language-service, platform-browser
... platform-browser-dynamic, router
Package Version
-----------------------------------------------------------
@angular-devkit/architect 0.12.4
@angular-devkit/build-angular 0.12.4
@angular-devkit/build-optimizer 0.12.4
@angular-devkit/build-webpack 0.12.4
@angular-devkit/core 7.2.4
@angular-devkit/schematics 7.2.4
@angular/cdk 8.1.2
@angular/cli 7.2.4
@angular/material 8.1.2
@ngtools/webpack 7.2.4
@schematics/angular 7.2.4
@schematics/update 0.12.4
rxjs 6.3.3
typescript 3.2.4
webpack 4.28.4
Here's what npm install in my project returns, apart from a few not installed peer dependencies:
audited 41915 packages in 5.767s
found 596 vulnerabilities (1 low, 2 moderate, 593 high)
run `npm audit fix` to fix them, or `npm audit` for details
The audit refers to angular cli, build-angular and so on - so all kinds of different packages.
Upvotes: 1
Views: 496
Answers (2)
Reputation: 3571
You seem to be on an older version of Angular. Update to the latest version of Angular (you may have to update some code, particularly if you use lazily loaded modules), starting with the CLI. You can then use ng update followed by the packages you wish to update: http://angular.io/cli/update
Upvotes: 1
Reputation: 4294
Instead of npm install try npm install -d and try ng update to update angular version
This will not install npm globally. Then also there will be errors but when you run the project it will be work fine.
Upvotes: 1
Related Questions
- Npm install gives warnings, npm audit fix not working
- NPM-AUDIT find to high vulnerabilities. What am I supposed to do?
- Ionic - found 50 vulnerabilities on npm install
- Angular new project vulnerabilities
- How to fix npm audit vulnerabilities angular 12.0.3
- How to resolve npm audit vulnerabilities? Angular fresh project
- Angular material build error in node modules
- How to fix these vulnerabilities? (npm audit fix fails to fix these vulnerabilities)
- found 1 high severity vulnerability(angular material installation)
- Npm audit report says 'found 1 low severity vulnerability' karma > expand-braces > braces