0

When I'm trying to run 'npm update' I get 31 vulnerabilities. 'npm audit fix' and 'npm audit fix --force'. Do not seem to help. I think I need to manually update the vulnerabilities. But how do I do this?

A piece of of the output after running 'npm audit' shows this: enter image description here

I've also tried to do "npm update [package]" on the packages that are indicated in the npm audit report. But everything is already up to date.

JeffreyChong
  • 167
  • 1
  • 2
  • 11

1 Answers1

0

npm audit fix

By npm audit fix you get packages with vulnerabilities or packages that use other packages that has vulnerabilities.

  • You can simply read audit packages:

strip-ansi 4.0.0 - 5.2.0 Depends on vulnerable versions of ansi-regex

  • You can update or downgrade that package as your requirements, npm official site
  • You can search about that package , theirs all kind of information about package

By the way, there is a saying that "don't fix a code if it's Running fine"

Fabio Mendes Soares
  • 1,357
  • 5
  • 20
  • 30
keni homes
  • 16
  • 5