shards-vue Update bootstrap and shards-ui packages to fix insecure version of bootstrap

Update bootstrap and shards-ui packages to fix insecure version of bootstrap

Open sonisaurabh19 opened this issue 4 years ago • 0 comments

Expected Behavior

npm audit should pass

Current Behavior

npm audit shows a vulnerability in 4.1.3:

npm audit report

bootstrap <3.4.1 || >=4.0.0 <4.3.1 Severity: moderate Cross-Site Scripting - https://npmjs.com/advisories/891 No fix available node_modules/shards-vue/node_modules/bootstrap shards-ui 2.0.0 - 2.1.2 Depends on vulnerable versions of bootstrap node_modules/shards-vue/node_modules/shards-ui shards-vue * Depends on vulnerable versions of shards-ui node_modules/shards-vue

Steps to Reproduce

Install shards-vue
Run npm audit

Context (Environment)

Possible Solution

Upgrade bootstrap to >= 4.3.1 Upgrade shards-ui >= 3.0.0

Possible Implementation

Dec 12 '20 22:12 sonisaurabh19

shards-vue shards-vue copied to clipboard

Update bootstrap and shards-ui packages to fix insecure version of bootstrap

Expected Behavior

Current Behavior

npm audit report

Steps to Reproduce

Context (Environment)

Possible Solution

Possible Implementation

shards-vue
shards-vue copied to clipboard