This content originally appeared on DEV Community and was authored by David
This is a long-running series of logs that I'm sharing with my spouse to incrementally share everything I do to contribute to our project Old Time Tunes. My goal is to make tiny records of what it takes to build a web platform.
When I updated the dependencies using Nx, I saw that some dependencies were vulnerable. That doesn't matter much yet since we're not deploying anything to users, but I still ran npm audit fix.
Instead of fixing the dependencies, I got some ugly errors about mismatched dependencies (presumably from the Nx update). I asked Claude about the issue by asking "i ran an nx update recently, then tried updating vulnerable dependencies with npm audit fix and got" and then I pasted the error from the terminal.
Claude told me I should update the zone.js package, so I did that with npm install zone.js@~0.14.10. Then I ran npm audit fix again and voila:
~/dev/GitHub/old-time-tunes git:[main]
npm audit fix
added 16 packages, removed 16 packages, changed 37 packages, and audited 2134 packages in 13s
281 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
I committed this as chore: fix vulnerabilities in nx 19.8.
This content originally appeared on DEV Community and was authored by David
David | Sciencx (2024-09-29T15:35:35+00:00) Old Time Tunes Dev Log 1a: Fixing vulnerable dependencies. Retrieved from https://www.scien.cx/2024/09/29/old-time-tunes-dev-log-1a-fixing-vulnerable-dependencies/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.