Questions tagged «npm-audit»

4
如何手动修复npm漏洞?
当我运行npm install它说found 33 vulnerabilities (2 low, 31 moderate) run `npm audit fix` to fix them, or `npm audit` for details。 但是,npm audit fix输出up to date in 11s fixed 0 of 33 vulnerabilities in 24653 scanned packages 33 vulnerabilities required manual review and could not be updated 这是否review意味着它不应该由用户修复? 当我运行npm audit它时,它会给我表的列表,类似于此: ┌───────────────┬──────────────────────────────────────────────────────────────┐ …
98 node.js  npm  npm-audit 
6
NPM-AUDIT发现高漏洞。我应该做些什么?
npm audit 运行我的项目,并得到我这个 @ angular-devkit / build-angular [dev]的高命令注入依赖性 路径@ angular-devkit / build-angular> @ ngtools / webpack> tree-kill 更多信息 https://npmjs.com/advisories/1432 高指令注入 包树杀 在> = 1.2.2中修补 @ angular-devkit / build-angular [dev]的依赖性 路径@ angular-devkit / build-angular> tree-kill 更多信息 https://npmjs.com/advisories/1432 树的杀伤力需要更新,但它是有角度的,而不是我的。所以呢?需要等待那个角度小组将其自己的package.json更新为更新版本的tree-kill吗?
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.