28 Vulnerabilities on TeamsFX dependencies #9812

Closed
lorenzocecchi95 opened this issue Aug 31, 2023 · 2 comments

@lorenzocecchi95

Describe the bug
Running npm audit on a project based on TeamsFX reports 28 vulnerabilities, and npm audit fix / fix --force doesn't resolve the issues.
Here are some lines of the package-lock.json:

"name": "teamsfx-template-tab",
"version": "0.1.0",
"dependencies": {
  "@azure/ms-rest-js": "^2.7.0",
  "@azure/msal-node": "^1.14.5",
  "@date-io/date-fns": "^2.13.1",
  "@date-io/moment": "^2.13.1",
  "@emotion/react": "^11.7.1",
  "@emotion/styled": "^11.6.0",
  "@fortawesome/fontawesome-svg-core": "^6.1.1",
  "@fortawesome/free-solid-svg-icons": "^6.1.1",
  "@fortawesome/pro-duotone-svg-icons": "^6.1.1",
  "@fortawesome/pro-light-svg-icons": "^6.1.1",
  "@fortawesome/pro-regular-svg-icons": "^6.1.1",
  "@fortawesome/pro-solid-svg-icons": "^6.1.1",
  "@fortawesome/pro-thin-svg-icons": "^6.1.1",
  "@fortawesome/react-fontawesome": "^0.1.18",
  "@microsoft/mgt-element": "2.4.1-next.teamsfx.8d56785",
  "@microsoft/mgt-react": "2.4.1-next.teamsfx.8d56785",
  "@microsoft/mgt-teamsfx-provider": "2.4.1-next.teamsfx.8d56785",
  "@microsoft/microsoft-graph-client": "^3.0.1",
  "@microsoft/recognizers-text-suite": "^1.3.1",
  "@microsoft/teams-js": "^2.2.0",
  "@microsoft/teamsfx": "^2.2.2",
  "@microsoft/teamsfx-cli": "^2.0.1",
  "@microsoft/teamsfx-core": "^2.0.3",
  "@microsoft/teamsfx-react": "2.0.0-beta.1",
  "@mui/icons-material": "^5.3.1",
  "@mui/lab": "^5.0.0-alpha.66",
  "@mui/material": "^5.3.0",
  "@mui/system": "^5.10.9",
  "@mui/x-date-pickers": "^5.0.3",
  "@pmmmwh/react-refresh-webpack-plugin": "^0.5.11",
  "@reduxjs/toolkit": "^1.7.1",
  "@svgr/webpack": "^8.1.0",
  "@testing-library/jest-dom": "^4.2.4",
  "@testing-library/react": "^9.5.0",
  "@testing-library/user-event": "^7.2.1",
  "@types/jest": "^24.9.1",
  "@types/node": "^12.20.42",
  "@types/react": "^17.0.8",
  "@types/react-dom": "^16.9.14",
  "@types/react-redux": "^7.1.22",
  "@types/styled-components": "^5.1.25",
  "@xmldom/xmldom": "^0.8.10",
  "adaptive-expressions": "^4.20.0",
  "adjust-sourcemap-loader": "^5.0.0",
  "axios": "^0.25.0",
  "b64-to-blob": "^1.2.19",
  "babel-loader": "^9.1.3",
  "babel-plugin-macros": "^3.1.0",
  "bootstrap": "^5.1.3",
  "botbuilder-dialogs": "^4.20.0",
  "botframework-connector": "^4.20.0",
  "date-fns": "^2.28.0",
  "decode-uri-component": "^0.4.1",
  "file-loader": "^6.2.0",
  "file-saver": "^2.0.5",
  "fontawesome-free": "^1.0.4",
  "i18next": "^21.6.6",
  "json5": "^2.2.2",
  "jwt-decode": "^3.1.2",
  "loader-utils": "^2.0.4",
  "moment": "^2.29.1",
  "msal": "^1.4.15",
  "msteams-react-base-component": "^4.0.1",
  "react": "^18.2.0",
  "react-aad-msal": "^2.3.5",
  "react-bootstrap": "^2.1.1",
  "react-dev-utils": "^12.0.1",
  "react-device-detect": "^2.1.2",
  "react-dom": "^17.0.2",
  "react-excel-renderer": "^1.1.0",
  "react-hook-form": "^7.24.2",
  "react-i18next": "^11.15.3",
  "react-redux": "^7.2.6",
  "react-router-dom": "^5.2.1",
  "react-scripts": "^5.0.1",
  "recursive-readdir": "^2.2.3",
  "resolve-url-loader": "^5.0.0",
  "rxjs": "^7.5.2",
  "sass": "^1.49.7",
  "semver": "^7.5.1",
  "styled-components": "^5.3.5",
  "sweetalert2": "^11.7.27",
  "sweetalert2-react-content": "^4.2.0",
  "tough-cookie": "^4.1.3",
  "typescript": "^4.1.6",
  "ua-parser-js": "^1.0.35",
  "web-vitals": "^2.1.3",
  "webpack": "^5.88.2",
  "word-wrap": "^1.2.5",
  "xlsx": "^0.18.0"
},
"devDependencies": {
  "@types/react-router-dom": "^5.1.7",
  "cross-env": "^7.0.3",
  "env-cmd": "^10.1.0",
  "typescript": "^4.1.2"
}


@microsoft-github-policy-service
Contributor

Thank you for contacting us! Any issue or feedback from you is quite important to us. We will do our best to fully respond to your issue as soon as possible. Sometimes additional investigations may be needed; we will usually get back to you within 2 days by adding comments to this issue. Please stay tuned.

@jayzhang
Member

The latest version of TTK has fixed these issues. Thanks.
