Outdated MDB5-REACT-UI-KIT-Pro-Advanced-9.0.0.zip ?


Topic: Outdated MDB5-REACT-UI-KIT-Pro-Advanced-9.0.0.zip ?

peteritv pro premium priority asked 10 months ago

*Expected behavior*When installing MDB React manually from MDB5-REACT-UI-KIT-Pro-Advanced-9.0.0.zip, I would expect it to finish with 0 vulnerabilities.

*Actual behavior*There were 8 vulnerabilities.

Resources (screenshots, code snippets etc.)Vulnerabilities

Will there be an update?

Greetz, Peter


Mateusz Lazaru staff answered 10 months ago

Could you send error logs? The image is not showing up.


peteritv pro premium priority answered 9 months ago

Hi,

I just unzipped the downloaded zip-file and ran npm install in it. Result:

PS D:\Projects\React\MDB5-REACT-UI-KIT-Pro-Advanced-9.0.0> npm install

changed 1 package, and audited 1334 packages in 2s

262 packages are looking for funding
  run `npm fund` for details

8 vulnerabilities (2 moderate, 6 high)

To address all issues (including breaking changes), run:
  npm audit fix --force

peteritv pro premium priority commented 9 months ago

Running npm audit fix --force makes things a lot worse...

It replaced react-scripts@5.0.1 with react-scripts@3.0.1 which is bad...


Mateusz Lazaru staff commented 9 months ago

I'm adding a task to address the issue.


Please insert min. 20 characters.

FREE CONSULTATION

Hire our experts to build a dedicated project. We'll analyze your business requirements, for free.

Status

Answered

Specification of the issue
  • User: Pro
  • Premium support: Yes
  • Technology: MDB React
  • MDB Version: MDB5 9.0.0
  • Device: Desktop PC
  • Browser: Any
  • OS: Windows 11
  • Provided sample code: No
  • Provided link: No