Questions tagged [npm-audit]

`npm audit` is a command in the npm CLI that runs a security audit on a project/package to check for any known vulnerabilities.

132 questions
0
votes
1 answer

How to decorate my merge request with the result of npm audit?

In my CI, I use npm audit to find what are my vulnerable dependencies. I would like my pipeline to add a comment to my merge request listing vulnerable libraries above a given threshold. What would be the best way to do it? Thanks I tried: not much…
0
votes
2 answers

4 vulnerabilities - 11ty install. How I should fix this?

Please I've tried all and nothing works. `# npm audit report liquidjs <10.0.0 Severity: moderate liquidjs may leak properties of a prototype - https://github.com/advisories/GHSA-45rm-2893-5f49 No fix available node_modules/liquidjs @11ty/eleventy …
Ľubo
  • 13
  • 3
0
votes
0 answers

npm override not fixing vulnerability

This is my vulnerability report : High node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Package node-fetch Patched in >=2.6.7 Dependency of react-table-drag-select Path …
0
votes
0 answers

I can't begin foundation new in my git. I anyway have errors

I always use foundation zurb and I don't want to use something else. But suddenly I found that my foundation is refusing to work. What I understood is that it updated and now it works in a different way. When I installed everything I needed I saw…
0
votes
1 answer

React: create-react-app creates a "problem-filled" project

Explanation (Please read complete) I started learning React and I'm an absolute beginner with it, and want to make the practical tutorial in the React page, coding a "tic-tac-toe" application. But, when creating with: npx create-react-app…
Cromega08
  • 63
  • 6
0
votes
1 answer

Unable to fix npm vulnerabilities

I am getting 6 vulnerabilities after running npm audit report: I tried a solution and overridden the vulnerable versions of a particular package with their latest versions in package.json file like this: "overrides": { "nth-check": "2.1.1", …
Waleed Farrukh
  • 205
  • 1
  • 10
0
votes
0 answers

Audit Report by npm

Error: I just checked the audit report by using npm audit command in my react app and I got these below vulnerabilities in my audit report **minimatch** <3.0.5 Severity: high minimatch ReDoS vulnerability -…
0
votes
0 answers

React router installation issue

...whenever I'm trying to download the react router then it is showing 6 vulnerabilities. There's written, to fix run the command "npm audit fix" and "npm audit fix --force" but still that problem is bothering. Visuals in ss. I've tried commands…
0
votes
1 answer

How to get yarn command output in github actions

I'm working on adding the output of yarn audit as a PR comment. The problem is that all the output of $log is not displayed. Here is the code - name: Run audit id: audit run: | log="$(yarn audit)" echo…
smooth97
  • 73
  • 2
  • 9
0
votes
1 answer

How to leave the github actions run result in the PR comments

I want to leave the result of "run audit" as a PR comment, but I don't know how. I'd appreciate your help. - name: Run audit run: yarn audit
smooth97
  • 73
  • 2
  • 9
0
votes
0 answers

Issues with React Terminal when installing react router. Windows

I'm having multiple issues with my React terminal when trying to install different things. I'm mainly having this issue with installing react router and linking my projects to Github. *The issue seems to be the 'high severity vulnerabilities' as…
0
votes
1 answer

How can I find the NPM package that is blocking a nested dependency from updating?

When I run npm audit it tells me I have a critical vulnerability in lodash. When I run npm ls lodash I have 47 instances of lodash being deduped. How can I tell which of my dependencies are holding on to the vulnerable version?
linuxdan
  • 4,476
  • 4
  • 30
  • 41
0
votes
1 answer

Istio Virtual Service - Proxy to external HTTPS service

I'm trying to proxy HTTP requests with specified URI prefix to an external HTTPS server. The idea is to use our internal Nexus Repository manager for NPM, but don't lose the ability for 'npm audit' like this project does GitHub Project. It should…
Sebastian A.
  • 105
  • 1
  • 8
0
votes
1 answer

What does Regular expression denial of service when using npm mean?

I am new to programming and everyone keeps mentioning how it is problem specific but I wanted to know when using npm audit does the denial of service mean it's not able to communicate with the git repository? glob-parent <5.1.2 Severity:…
King_Damo
  • 1
  • 1
  • 1
0
votes
0 answers

How do you fix -> Could not resolve dependency: npm ERR

I'm not familiar with resolving dependency issues. I saw some vulnerabilities after running "npm install" so I ran "npm audit fix" as recommended. I get this error npm ERR! ERESOLVE unable to resolve dependency tree npm ERR! npm ERR! While…