Hi, I have a question, when it comes to development for customers. We often use the ACA as a base for further development, since there are already many features available. There is the extension mechanism, which would normally allow us to write our customization code in an npm package, to keep it seperate from the Content App source code. But in practice the extension mechanism is not sufficient enough for the customization request we get from customers. So sometimes it is necessary to take the Content App and make direct modifications of the source code in our repository. But then of course this gets messy, when trying to update stuff from the ACA, which of course offers fixes for newer ADF versions.
Do you guys know of a way to deal with that, or have had experience? I mean best case, we would have in our repo only our modifications/own code and loads the current Content App with a script and overrides its content with our changes. But I guess that's not possible without both of them knowing about each other.
I'm not able to install alfresco-content-app because of the Security Vulnerability (https://snyk.io/vuln/SNYK-JS-AJV-584908)
Any thought when is Alfresco looking to resolve this.
@DenysVuika, thanks for responding.
So before I try to install "alfresco-content-app", I need to get the dependency firstname.lastname@example.org, when I try to get that within our firm, the security scan rejects it because "email@example.com" uses firstname.lastname@example.org which in-turn depends on email@example.com which has the vulnerability SNYK-JS-AJV-584908. Sorry for long explanation. But I can add more details if that helps.
Hi @DenysVuika, For example
Check the "versions", I am using the "v8-lts", this does not correspond to Angular 8?
@DenysVuika, Need to provide manual review for the following vulnerability