search

Atos-Research-and-Innovation / IoTagent-LoRaWAN

FIWARE IoT Agent for LoRaWAN protocol (with CayenneLpp and CBOR data models)
https://fiware-lorawan.readthedocs.io/en/latest/
Other
34 stars 40 forks source link

Found vulnerabilities in command 'npm install' #12

Closed diego-gv closed 6 years ago

diego-gv commented 6 years ago

Hi @dcalvoalonso

I'm trying to install the dependencies for the project but the command 'npm install' return that it found 8 vulnerabilities:

$ npm install
added 968 packages from 1745 contributors and audited 6676 packages in 6.598s
found 8 vulnerabilities (2 low, 6 moderate)
run `npm audit fix` to fix them, or `npm audit` for details

Further, i used the command 'npm audit fix' but it have not effect:

$ npm audit fix
up to date in 2.571s
fixed 0 of 8 vulnerabilities in 6676 scanned packages
8 vulnerabilities required manual review and could not be updated

I have followed the steps except for the installation of the Orion Context Broker, which at the time of this post is not yet installed.

Thanks and I wait to response :+1:

diego-gv commented 6 years ago

Hi @dcalvoalonso

I continue with the same problem. I'm trying to solve it by searching Google but I haven't been lucky.

dcalvoalonso commented 6 years ago

Hi @diegogarvi,

Thanks for the update. I will try to fix this although it is complicated since vulnerabilities are caused by some dependencies. Anyway, if I am not wrong, the IoT Agent should be functional, right?

diego-gv commented 6 years ago

Hi!

Yeah, the IoT Agent seems to be functioning correctly. Anyway, I cloned the repository again and now there are 25 vulnerabilities (I managed to fix 2 of them).

Thank you for your help.