I'm new to coding. I'm using Windows10 and just installed a WSL. I want to install Ganache using the command npm install -g ganache-cli but it says it has 8 vulnerabilities (7 moderate,1 high)
When I write npm audit fix or npm audit fix --force it says that there are no vulnerabilities. I don't understand where the problem is.
My NPM version is 8.3.0
There's no real reason to be alarmed about the vulnerabilities npm report, especially for a new project. Most of the time, these vulnerabilities won't actually affect your project. Be careful using npm audit fix especially npm audit fix --force because it can upgrade or downgrade packages, affecting functionality. If you do use it and it says 0 vulnerabilities after, that means it fixed all of them.
Packages are open-sourced so the community would spot any damaging or sneaky code, especially popular packages such as ganache-cli.
Read more here: https://www.voitanos.io/blog/don-t-be-alarmed-by-vulnerabilities-after-running-npm-install/
