You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I narrowed down some NPM security warnings to this package.
After an npm install [email protected], doing an npm audit reports the following:
...
got <11.8.5
Severity: moderate
Got allows a redirect to a UNIX socket - https://github.com/advisories/GHSA-pfrx-2q88-qq97
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/got
package-json <=6.5.0
Depends on vulnerable versions of got
node_modules/package-json
latest-version 0.2.0 - 5.1.0
Depends on vulnerable versions of package-json
node_modules/latest-version
update-notifier 0.2.0 - 5.1.0
Depends on vulnerable versions of latest-version
node_modules/update-notifier
npm-check >=3.2.7
Depends on vulnerable versions of package-json
Depends on vulnerable versions of update-notifier
node_modules/npm-check
On Node version v16.15.1, npm version 8.11.0
The text was updated successfully, but these errors were encountered:
I narrowed down some NPM security warnings to this package.
After an
npm install [email protected], doing annpm auditreports the following:On Node version
v16.15.1, npm version8.11.0The text was updated successfully, but these errors were encountered: