-
First, thank you for your hard work, it's very appreciated! 🤗
__Issue__: We're setting up a CI env to automatically run `check-audit`, and we're setting the `--audit-level` (or alternatively the e…
-
`Depends on vulnerable versions of mpath
Depends on vulnerable versions of mquery
fix available via `npm audit fix --force`
Will install mongoose@5.13.22, which is outside the stated dependency ran…
-
At the moment, NPM detects a high severity vulnerability in one of our dependency. However `npm audit fix` doesn't help:
```
$ npm audit fix
up to date, audited 774 packages in 3s
133 packag…
-
### Command description
This is widely used in development and most of its options are misused or never really used this would be a great contendor
### Documentation
https://docs.npmjs.com/cli/comm…
-
```
# npm audit report
async 2.0.0 - 2.6.3
Severity: high
Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
Depends on vulnerable versions of lodash
fix available via …
-
There are `npm audit` issues in this package related to `d3-color`:
```
The d3-color module provides representations for various color spaces in the browser. Versions prior to 3.1.0 are vulnerable…
-
Looks like it needs some version bump or a fix
```
# npm audit report
xmldom *
Severity: critical
Misinterpretation of malicious XML input - https://github.com/advisories/GHSA-5fg8-2547-mr8q
…
-
Hi!
would it be possible to update paths/dependencies as currently npm audit reports several vulnerabilities in this package?
Thank You.
-
I'm considering using esvu for testing my library across several different JavaScript engines, but I'm concerned about the npm audit report.
-
When installing Docusaurus website `npx create-docusaurus@latest docusaurus classic` (as instructed in [your documentation](https://docusaurus-powershell.vercel.app/docs/installation)) message "15 hi…