Our application uses many dependencies which are outdated and have various security issues, see:
- Angular 1.4.14 -> 1.7.9 as per automatic dependabot PR: Bump angular from 1.4.14 to 1.7.9 #127
- Lodash 4.2.1 to 4.17.13 as per automatic dependabot PR: Bump lodash from 4.2.1 to 4.17.13 #136. Be careful as there is a breaking change (`_` is no longer global), see Revert "Bump lodash from 4.2.1 to 4.17.13" #135
- https://github.com/topcoder-platform/admin-app/security - 36 dependencies with issues
- run `npm audit`:

  ```
  found 268 vulnerabilities (108 low, 56 moderate, 103 high, 1 critical) in 6097 scanned packages
    run `npm audit fix` to fix 186 of them.
    45 vulnerabilities require semver-major dependency updates.
    37 vulnerabilities require manual review. See the full report for details.
  ```
The main challenge is to upgrade Angular from 1.4.14 to 1.7.9, as every step (1.4 -> 1.5, 1.5 -> 1.6 and 1.6 -> 1.7) has some breaking changes: https://docs.angularjs.org/guide/migration