Questions tagged [npm-audit]

`npm audit` is a command in the npm CLI that runs a security audit on a project/package to check for any known vulnerabilities.

132 questions
5
votes
1 answer

How to fix npm audit vulnerabilities angular 12.0.3

After I create a new Angular 12.0.3 project, npm audit immediately detects 8 high and 40 moderate vulnerabilities. # npm audit report css-what <5.0.1 Severity: high Denial of Service - https://npmjs.com/advisories/1754 fix available via `npm audit…
Max Gusenbauer
5
votes
0 answers

npm audit fix --force doesn't solve the issues

I have a React project created a while ago with react-create-app. Running npm install gives me 31 vulnerabilities (24 low, 3 moderate, 4 high). Here are the files that might help debug the issue: warnings after running npm audit fix…
daniel grieb
5
votes
1 answer

webpack-dev-server@3.1.14 getting Missing Origin Validation while using npm audit

I have updated the webpack-dev-server to the latest 3.1.14 but I am still getting a vulnerability issue while using npm audit --fix. I have tried everything: cleaning the cache, clearing all modules and installing again, but all the same. Following is the error…
ma_dev_15
4
votes
2 answers

I can't fix NPM vulnerabilities

I don't know much about npm and I need to fix that problem. # npm audit report semver <7.5.2 Severity: moderate semver vulnerable to Regular Expression Denial of Service - https://github.com/advisories/GHSA-c2qf-rxjj-qqgw No fix…
4
votes
2 answers

Angular new project vulnerabilities

I've updated angular cli and created a new project, with routing and scss. When I run npm install I see: 41 vulnerabilities (4 low, 37 moderate) To address issues that do not require attention, run: npm audit fix To address all issues…
Gregory Boutte
4
votes
1 answer

How to resolve NPM audit vulnerabilities?

After running NPM audit I have identified 5 critical issues. I have tried updating @storybook/addon-essentials & @storybook/react in order to resolve 4 of these as they say patched in >=x.x.x which implies to me they have been resolved in the…
Stretch0
4
votes
0 answers

npm audit force increases vulnerabilities

It initially says 23 issues, but after using audit fix --force it tries to install some deprecated files (I think) and the vulnerabilities increase to 56. But after using audit fix force again, it goes back to 23... PS…
Vikram
4
votes
0 answers

Npm audit report says '1 vulnerability required manual review and could not be updated' / .Node js

Firstly, I got this message below when running npm audit: updated 1 package and audited 381 packages in 1.767s found 1 moderate severity vulnerability run `npm audit fix` to fix them, or `npm audit` for details → weatherApp npm audit …
joshu7Su
4
votes
1 answer

Npm audit report says 'found 1 low severity vulnerability' karma > expand-braces > braces

Npm audit report says 'found 1 low severity vulnerability'. 1 vulnerability requires manual review. Low Regular Expression Denial of Service Package braces Patched in >=2.3.1 Dependency of karma [dev] Path …
Surender Khairwa
4
votes
2 answers

NPM Audit fixes

After running npm audit I have (this is just one of) a moderate warning Moderate │ Prototype pollution Package │ hoek Patched in │ > 4.2.0 < 5.0.0 || >= 5.0.3 Dependency of │ karma Path | karma > log4js > loggly > request >…
Richlewis
3
votes
1 answer

Fixing vulnerabilities reported by npm audit

I'm trying to fix 3 vulnerabilities identified by npm audit, but it seems like these can't be resolved automatically with npm audit fix. ❯ npm audit fix npm WARN audit fix ansi-regex@5.0.0…
devklick
3
votes
2 answers

npm audit response shows up as just plain text instead of tabular format

I read a lot of questions/articles related to npm audit where people have provided the response of the npm audit in a tabular format. But when I run the npm audit I get the response as plain text. I tried to install a library npm-audit-html and get…
BATMAN_2008
3
votes
2 answers

npm audit - how to make sure I have no production vulnerabilities?

I'm trying to make sure my project doesn't have vulnerabilities in production, so I ran: npm audit > vulnerabilities.txt and then I searched for all instances of "Dependency of" which brings up a list like: Line 199: Dependency of…
Asik
3
votes
2 answers

npm audit not working on Windows using bash

I am using Mintty 2.8.4 as my terminal to install npm packages. I installed an earlier version of an npm package called moment and I got warnings about vulnerabilities. One of the suggestions my terminal gave me was to run npm audit. On running that…
Lenny86
3
votes
1 answer

npm audit fix not fixing low vulnerability

I am using nightmare for testing. After running npm audit I get a warning about lodash Prototype pollution. I tried to fix this by running npm audit fix but no result. After that I tried using --force but still get: fixed 0 of 1 vulnerability in 2108…
Manos Kounelakis