Looks great and would love to use it for the basis of a ecomm site but having issues ..... #4
Description
⨯ app\page.tsx (16:31) @ browse
⨯ TypeError: Cannot read properties of undefined (reading 'browse')
at fetchLandingPage (./app/page.tsx:19:31)
at async LandingPage (./app/page.tsx:23:24)
digest: "3035458750"
14 |
15 | return {
16 | blocks: response.data.browse?.landingPage?.hits?.[0]?.blocks,
| ^
17 | };
18 | };
19 |
⨯ app\layout.tsx (27:31) @ browse
⨯ TypeError: Cannot read properties of undefined (reading 'browse')
at fetchLayout (./app/layout.tsx:37:31)
at async RootLayout (./app/layout.tsx:42:20)
digest: "2789966615"
25 | };
26 | return {
27 | header: response.data.browse?.header?.hits?.[0]?.children?.hits,
| ^
28 | footer: null,
29 | };
30 | };
⨯ app\layout.tsx (27:31) @ browse
⨯ TypeError: Cannot read properties of undefined (reading 'browse')
at fetchLayout (./app/layout.tsx:37:31)
at async RootLayout (./app/layout.tsx:42:20)
digest: "2789966615"
25 | };
26 | return {
27 | header: response.data.browse?.header?.hits?.[0]?.children?.hits,
| ^
28 | footer: null,
29 | };
30 | };
It also seems to be dependent on back-level modules and modules with vulnerabilities :-
npm audit report
jsonwebtoken <=8.5.1
Severity: high
jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify() - GHSA-qwph-4952-7xr6
jsonwebtoken unrestricted key type could lead to legacy keys usage - GHSA-8cf7-32gw-wr33
jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - GHSA-hjrf-2m68-5959
No fix available
node_modules/jsonwebtoken
@crystallize/node-service-api-request-handlers *
Depends on vulnerable versions of jsonwebtoken
node_modules/@crystallize/node-service-api-request-handlers
2 vulnerabilities (1 moderate, 1 high)
Some issues need review, and may require choosing
a different dependency.