Get rid of those vulnerabilities warnings

Alexander-Taran · June 5, 2022, 10:45pm

npm ^8.0.0 has a nice feature overrides

for a cli-bundler based project you can add this section to package.json to get rid of vulnerable packages. ymmv.

  "overrides": {
    "chokidar": "^3.0.0",
    "glob-stream": "^7.0.0",
    "glob-parent": "^6.0.0",
    "micromatch": "^4.0.0"
  }

@huochunpeng promised to update templates. (-:

huochunpeng · June 5, 2022, 11:19pm

Both v1 and v2 skeletons were updated to work better with npm v8.

Topic		Replies	Views
Removing vulnerabilities in new project (v1 app skeleton) Help Requests	6	598	April 12, 2022
High Severity Security Warnings on Initial aurelia-cli Install Help Requests	5	1009	December 20, 2022
(Solved) Error installing my new (& first) cli-generated plugin Help Requests	13	2823	August 16, 2019
Aurelia-cli new project - npm audit vulnerabilities Help Requests	7	703	February 5, 2019
Issue with CLI-bundler when overriding bootstrap styles (using SASS) Help Requests	22	941	April 15, 2021