vulnerabilities in npm Package
Closed this issue · 2 comments
techievinoth commented
I have tried installing the package, It has displayed on installation complete.
found 15 vulnerabilities (4 low, 5 moderate, 6 high)
irossimoline commented
Hi @techievinoth,
I've tried to install it on a sample project I have with Angular 6, and I'm not receiving any warning:
npm install angular4-material-table@0.6.4 --save
I have few questions:
- Which
angular4-material-table
version are you trying to install and which Angular version do you have on your project? - Do you have your
@angular
packages updated? - Which version of npm do you have?
npm -v
I think those vulnerabilities does not come from the package itself, but from the package dependencies.
The package depends on:
- Few
@angular
packages:@angular/common
,@angular/core
,@angular/forms
,@angular/cdk
. rxjs
(which is also an@angular
dependency).zone.js
(which is also an@angular
dependency).core-js
(which is also an@angular
dependency).lodash.clonedeep
, which is the only dependency that is not included at@angular
.
irossimoline commented
I'm closing this issue as no answer was received, and the dependencies included are the expected dependencies from angular, with the exception of a lodash function.
If you have any additional question please feel free to open a new issue.