Audit fails because of an underlying dependency
BlindDespair opened this issue · comments
I'm submitting a...
[ ] Regression (a behavior that used to work and stopped working in a new release)
[x] Bug report
[ ] Performance issue
[ ] Feature request
[ ] Documentation issue or request
[ ] Support request
[ ] Other... Please describe:
Current behavior
One of the deep dependencies makes npm audit fail in our projects. Please see the screenshot
The dependency name is ini and it's pulled by schematics
Expected behavior
npm audit should not fail
Minimal reproduction of the problem with instructions
Install 3.2.0 version of svg-icon and run npm audit
What is the motivation / use case for changing the behavior?
Our CI is failing because of this and for now we have to remove audit from it, but we would like to keep it in the future.
Environment
Angular CLI: 12.2.1
Node: 14.17.5
Package Manager: npm 6.14.14
OS: darwin x64
Angular: 12.2.1
... animations, cdk, cli, common, compiler, compiler-cli, core
... forms, material, platform-browser, platform-browser-dynamic
... router
Package Version
---------------------------------------------------------
@angular-devkit/architect 0.1201.4
@angular-devkit/build-angular 12.1.4
@angular-devkit/core 12.2.3
@angular-devkit/schematics 8.3.29
@schematics/angular 12.2.1
rxjs 6.6.7
typescript 4.3.5
Browser:
- [ ] Chrome (desktop) version XX
- [ ] Chrome (Android) version XX
- [ ] Chrome (iOS) version XX
- [ ] Firefox version XX
- [ ] Safari (desktop) version XX
- [ ] Safari (iOS) version XX
- [ ] IE version XX
- [ ] Edge version XX
For Tooling issues:
- Node version: 14.17.5
- Platform: All
Others:
You're welcome to submit a PR with a fix.