Project overview, general documentation, and white papers. The CWA development ends on May 31, 2023. You still can warn other users until April 30, 2023. More information:
This PR resolves the issue #897 "minimist package 1.2.5 has critical severity vulnerability".
markdown-link-check is pinned to version ~3.8.7. If this step is omitted then running npm audit fix causes markdown-link-check to be updated to version 3.10.2, which causes npm run checklinks to fail.
npm audit fix is executed.
The output of npm audit changes to
8 vulnerabilities (2 low, 3 moderate, 3 high).
Verification
npm install-test should output no errors.
npm audit should list no vulnerabilities in the critical category.
This has been tested locally in a clone of cwa-documentation.
larswmh
commented
2 years ago
This PR resolves the issue #897 "minimist package 1.2.5 has critical severity vulnerability".
markdown-link-checkis pinned to version ~3.8.7. If this step is omitted then runningnpm audit fixcausesmarkdown-link-checkto be updated to version 3.10.2, which causesnpm run checklinksto fail.npm audit fixis executed.The output of
npm auditchanges to8 vulnerabilities (2 low, 3 moderate, 3 high).Verification
npm install-testshould output no errors.npm auditshould list no vulnerabilities in the critical category.This has been tested locally in a clone of cwa-documentation.