Are these actively being worked on to be resolved by the strapi team? It would be nice to see when doing even a clean install that everything is up to date and 0 vulnerabilities.
This topic has been created from a Discord post (1258894221327470635) to give it more visibility.
It will be on Read-Only mode here.
Join the conversation on Discord
Fresh install of strapi v5 RC results in:
27 vulnerabilities (14 moderate, 12 high, 1 critical)
Hmm… is this normal?
This is normal yes and it’s not just us it’s the entire node ecosystem.
New stuff gets reported daily and about 80% of the time it’s just pointless fluff reporting.
We evaluate and fix the security vulnerability is that actually apply to us as soon as possible and the rest we take when we have time