Open lukasz-madon opened 2 years ago
@blixhavn, The npm audit report get lot of high severity issue. Below the list
`# npm audit report
ansi-regex 4.0.0 - 4.1.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/ansi-regex
glob-parent <5.1.2
Severity: high
glob-parent before 5.1.2 vulnerable to Regular Expression Denial of Service in enclosure regex - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of glob-parent
node_modules/sticky-sidebar-v2/node_modules/chokidar
glob-watcher >=3.0.0
Depends on vulnerable versions of chokidar
node_modules/sticky-sidebar-v2/node_modules/glob-watcher
gulp >=4.0.0
Depends on vulnerable versions of glob-watcher
Depends on vulnerable versions of vinyl-fs
node_modules/sticky-sidebar-v2/node_modules/gulp
glob-stream 5.3.0 - 6.1.0
Depends on vulnerable versions of glob-parent
node_modules/sticky-sidebar-v2/node_modules/glob-stream
vinyl-fs >=2.4.2
Depends on vulnerable versions of glob-stream
node_modules/sticky-sidebar-v2/node_modules/vinyl-fs
lodash.template <4.5.0
Severity: critical
Prototype Pollution in lodash - https://github.com/advisories/GHSA-jf85-cpcp-j695
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/gulp-util/node_modules/lodash.template
gulp-util >=1.1.0
Depends on vulnerable versions of lodash.template
node_modules/sticky-sidebar-v2/node_modules/gulp-util
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
Depends on vulnerable versions of nanoid
node_modules/sticky-sidebar-v2/node_modules/mocha
minimist <1.2.6
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/minimist
nanoid 3.0.0 - 3.1.30
Severity: moderate
Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2
fix available via npm audit fix
node_modules/sticky-sidebar-v2/node_modules/nanoid`
After running
npm audit