meliorence / react-native-snap-carousel

Swiper/carousel component for React Native featuring previews, multiple layouts, parallax images, performant handling of huge numbers of items, and more. Compatible with Android & iOS.
BSD 3-Clause "New" or "Revised" License

npm audit fix - downgrade this package version to 1.3.1 #828

Open ashok-sl opened 3 years ago

ashok-sl commented 3 years ago

React Native version: 0.64.0
@react-native-community/cli: 5.0.1-alpha.2
"react-native-snap-carousel": "^3.9.1"

When I ran `npm audit` I got the following response:

# npm audit report

node-fetch  <=2.6.0 || 3.0.0-beta.1 - 3.0.0-beta.8
Denial of Service - https://npmjs.com/advisories/1556
fix available via `npm audit fix --force`
Will install react-native-snap-carousel@1.3.1, which is a breaking change
node_modules/isomorphic-fetch/node_modules/node-fetch
  isomorphic-fetch  2.0.0 - 2.2.1
  Depends on vulnerable versions of node-fetch
  node_modules/isomorphic-fetch
    fbjs  0.7.0 - 1.0.0
    Depends on vulnerable versions of isomorphic-fetch
    node_modules/react-addons-shallow-compare/node_modules/fbjs
      react-addons-shallow-compare  15.4.2 - 15.6.2 || >=16.0.0-alpha
      Depends on vulnerable versions of fbjs
      node_modules/react-addons-shallow-compare
        react-native-snap-carousel  >=1.4.0
        Depends on vulnerable versions of react-addons-shallow-compare
        node_modules/react-native-snap-carousel

5 low severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

I wonder why npm audit asks me to downgrade the package version.

satheeshwaran commented 3 years ago

I am also facing the same issue, any clue on how to fix this audit warning?

dohooo commented 3 years ago

Sorry, please allow me to advertise my open source library! ~ I think this library, react-native-reanimated-carousel, will solve your problem. It is a high-performance and very simple component, built with React Native Reanimated 2.

ankitch29 commented 2 years ago

I am also getting the same issue. Any help would be appreciated!

marinne commented 2 years ago

Facing the same issue, but instead the severity is HIGH in my npm audit report.

node-fetch  <=2.6.6
Severity: high
node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor - https://github.com/advisories/GHSA-r683-j2x4-v87g
The size option isn't honored after following a redirect in node-fetch - https://github.com/advisories/GHSA-w7rc-rwvf-8q5r
fix available via `npm audit fix --force`
Will install react-native-snap-carousel@1.3.1, which is a breaking change
node_modules/isomorphic-fetch/node_modules/node-fetch
  isomorphic-fetch  2.0.0 - 2.2.1
  Depends on vulnerable versions of node-fetch
  node_modules/isomorphic-fetch
    fbjs  0.7.0 - 1.0.0
    Depends on vulnerable versions of isomorphic-fetch
    node_modules/fbjs
      react-addons-shallow-compare  15.4.2 - 15.6.2 || >=16.0.0-alpha
      Depends on vulnerable versions of fbjs
      node_modules/react-addons-shallow-compare
        react-native-snap-carousel  >=1.4.0
        Depends on vulnerable versions of react-addons-shallow-compare
        node_modules/react-native-snap-carousel

Looks like updating the dependency react-native-shallow-compare from 15.6.2 to 15.6.3 would fix it. Is it possible and could anyone help? Thanks!
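Added example (not code from the issue thread or from react-native-snap-carousel): both audit reports above say the same thing. A copy of node-fetch nested under isomorphic-fetch is flagged, the only direct dependency whose resolution chain reaches that copy is react-native-snap-carousel, and `npm audit fix --force` offers 1.3.1 because that is the newest release outside the flagged range `>=1.4.0`. The script below replays that attribution on a constructed package-lock fragment (Node.js module resolution walking up `node_modules/`, then reverse edges from the vulnerable copy to the project root) and then applies an npm `overrides` entry, which npm 8.3 and later read from package.json, to show the chain disappear without touching the carousel version. The concrete versions in `lock`, the `^...` ranges and the override target `2.6.7` (the first 2.x release above the `<=2.6.6` range in the second report) are assumptions for illustration.

```javascript
// Added example, not from the issue or the project. Versions, ranges and the
// override target below are assumptions chosen to mirror the reports in the thread.

// package-lock.json v2/v3 keeps a flat "packages" map keyed by install path;
// "" is the project root. Constructed, trimmed to the chain the audit printed.
const lock = {
  packages: {
    "": { dependencies: { "react-native-snap-carousel": "^3.9.1" } },
    "node_modules/react-native-snap-carousel": {
      version: "3.9.1", dependencies: { "react-addons-shallow-compare": "15.6.2" } },
    "node_modules/react-addons-shallow-compare": {
      version: "15.6.2", dependencies: { fbjs: "^0.8.4" } },
    "node_modules/react-addons-shallow-compare/node_modules/fbjs": {
      version: "0.8.18", dependencies: { "isomorphic-fetch": "^2.1.1" } },
    "node_modules/isomorphic-fetch": {
      version: "2.2.1", dependencies: { "node-fetch": "^1.0.1" } },
    "node_modules/isomorphic-fetch/node_modules/node-fetch": { version: "1.7.3" },
  },
};

// Flagged range from the second report in the thread: node-fetch <=2.6.6.
const VULNERABLE = { "node-fetch": (v) => compareVersions(v, "2.6.6") <= 0 };

// Minimal x.y.z comparison; prerelease tags are ignored (enough for this example).
function compareVersions(a, b) {
  const pa = a.split("-")[0].split(".").map(Number);
  const pb = b.split("-")[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const x = pa[i] || 0, y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Last path segment after "node_modules/", so scoped names survive intact.
function packageName(path) {
  return path.slice(path.lastIndexOf("node_modules/") + "node_modules/".length);
}

// Node's resolution: try <fromPath>/node_modules/<name>, then walk up one
// node_modules level at a time until the project root.
function resolveDep(lock, fromPath, name) {
  let dir = fromPath;
  for (;;) {
    const candidate = dir === "" ? `node_modules/${name}` : `${dir}/node_modules/${name}`;
    if (lock.packages[candidate]) return candidate;
    if (dir === "") return null;
    const i = dir.lastIndexOf("/node_modules/");
    dir = i === -1 ? "" : dir.slice(0, i);
  }
}

// Reverse edges: installed path -> paths whose declared dependency resolves to it.
function dependentsOf(lock) {
  const rev = new Map();
  for (const [path, pkg] of Object.entries(lock.packages)) {
    for (const dep of Object.keys(pkg.dependencies || {})) {
      const target = resolveDep(lock, path, dep);
      if (target === null) continue; // not installed (e.g. optional); skip
      if (!rev.has(target)) rev.set(target, []);
      rev.get(target).push(path);
    }
  }
  return rev;
}

// For each installed vulnerable copy, walk dependents up to the root and return the
// chain of names, i.e. the "Depends on vulnerable versions of" lines npm audit prints.
function findVulnerableChains(lock, table = VULNERABLE) {
  const rev = dependentsOf(lock);
  const chains = [];
  const walk = (p, chain, seen) => {
    if (p === "") { chains.push(chain); return; }
    if (seen.has(p)) return; // cycle guard
    const next = new Set(seen).add(p);
    for (const parent of rev.get(p) || []) {
      walk(parent, parent === "" ? chain : [...chain, packageName(parent)], next);
    }
  };
  for (const [path, pkg] of Object.entries(lock.packages)) {
    if (path === "") continue;
    const check = table[packageName(path)];
    if (check && check(pkg.version)) walk(path, [packageName(path)], new Set());
  }
  return chains;
}

// npm >= 8.3 applies a top-level "overrides" map from package.json to every copy of the
// named package, however deeply nested. Model that by rewriting the lock's versions.
function withOverrides(lock, overrides) {
  const packages = {};
  for (const [path, pkg] of Object.entries(lock.packages)) {
    const name = path === "" ? null : packageName(path);
    packages[path] = name && overrides[name] ? { ...pkg, version: overrides[name] } : pkg;
  }
  return { packages };
}

// What would go under "overrides" in package.json (assumed target version).
const overrides = { "node-fetch": "2.6.7" };

console.log(findVulnerableChains(lock));                          // one chain, ends at the carousel
console.log(findVulnerableChains(withOverrides(lock, overrides))); // []
```

Run it with `node`; against a real project, `npm ls node-fetch` prints the same chain the first function computes. An override pins a version none of the intermediate packages declared support for, so it needs a test pass rather than a silent lockfile change, and whether the nested node-fetch copy is even reachable from a React Native bundle is a separate question the audit output does not answer.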