search

gekkowarez / gekkoga

Genetic Algorithm for solving optimization of trading strategies using Gekko
313 stars 104 forks source link

Critical security vulnerability during npm install #57

Open g1tt opened 6 years ago

g1tt commented 6 years ago

Please find the result of running npm install below. npm audit fix does not fix the problem!

npm install audited 113 packages in 1.794s found 1 critical severity vulnerability run npm audit fix to fix them, or npm audit for details PS C:\temp\gekkoga-stable> npm audit

                   === npm audit security report ===

                             Manual Review
         Some vulnerabilities require your attention to resolve

      Visit https://go.npm.me/audit-guide for additional guidance

Critical Command Injection

Package growl

Patched in >=1.10.2

Dependency of random-ext

Path random-ext > jasmine-node > jasmine-growl-reporter > growl

More info https://nodesecurity.io/advisories/146

found 1 critical severity vulnerability in 113 scanned packages 1 vulnerability requires manual review. See the full report for details.

johndev86 commented 6 years ago

I'm also experiencing this issue. Is there a workaround?

Owczarkov commented 6 years ago

same here

mccrudd3n commented 5 years ago

Have you all tried npm audit fix as suggested?

mmgitmm commented 4 years ago

I am also experiencing same issue with grunt-jasmine-node. Is there any update on how to resolve this issue.