When the Phoenix project is generated it will install some npm packages.
The version of these package might not be the most up to date and Github might find some vulnerabilities:
This is linked directly to the package-lock.json file. This file is not necessary for this project and developers can update the packages later if necessary
SimonLab
commented
5 years ago
When the Phoenix project is generated it will install some npm packages. The version of these package might not be the most up to date and Github might find some vulnerabilities:
This is linked directly to the package-lock.json file. This file is not necessary for this project and developers can update the packages later if necessary