Vulnerabilities in Frctl

Open ThomasHoenselaars opened this issue 3 years ago • 2 comments

Steps to reproduce the issue

Update all packages in your repo
Run npm audit
12 vulnerabilities that cannot be removed because they are caused within Frctl/core|mandlebrot|web etc

Reproduces how often:

100%

Regardless of the message the issue persists when running npm audit fix --force. I have also tried to manually update to all previous versions starting with the latest version but the vulnerabilities remain.

All the issues are within dependencies of Frctl in some way

Context

Fractal version: @frctl/[email protected] @frctl/[email protected] @frctl/[email protected]
Node version: 16.15.0
OS: any

May 10 '22 11:05 ThomasHoenselaars

100% this ☝️

Jun 16 '22 22:06 ryanbendel

This issue is related to vorpal: https://github.com/frctl/fractal/issues/671

Jun 21 '22 14:06 rediris

This was partially fixed in #1206 , however the main one is the Vorpal dependency.

Closing this issue as the Vorpal one is now being handled by virtue of #671

Aug 27 '22 01:08 Chapabu