It appears to me that roadhog's dependencies are out of the date and require immidiate action. My reactjs project reports 83 vulnerabilities (76 low, 5 moderate, 1 high) in 58417 scanned packages. All dependency of roadhog!
Operating environment (e.g. OS name) and its version(操作系统版本):
What did you do? Please provide steps to re-produce your problem.(请提供复现步骤)
npm security report, reports the issue.
this is the high vulnerebility:
│ High │ Missing Origin Validation
│ Package │ webpack-dev-server
│ Patched in │ >=3.1.11
│ Dependency of │ roadhog [dev]
Path │ roadhog > af-webpack > webpack-dev-server
│ More info │ https://npmjs.com/advisories/725
What do you expected?(预期的正常效果)
For roadhog to be using the updated dependencies
What happen?(发生了何种非正常现象)
npm security report: found 82 vulnerabilities (76 low, 5 moderate, 1 high) in 58417 scanned packages all dependencies of roadhog [dev]
It appears to me that roadhog's dependencies are out of the date and require immidiate action. My reactjs project reports 83 vulnerabilities (76 low, 5 moderate, 1 high) in 58417 scanned packages. All dependency of roadhog!
Environment(required) | 环境(必填)
roadhog version(roadhog版本) "roadhog": "^2.4.9"
Nodejs and Npm version(Nodejs 和 Npm 版本) npm -v: 6.9.0 node -v: v10.8.0
Operating environment (e.g. OS name) and its version(操作系统版本):
What did you do? Please provide steps to re-produce your problem.(请提供复现步骤)
npm security report, reports the issue.
this is the high vulnerebility: │ High │ Missing Origin Validation │ Package │ webpack-dev-server
│ Patched in │ >=3.1.11
│ Dependency of │ roadhog [dev] Path │ roadhog > af-webpack > webpack-dev-server
│ More info │ https://npmjs.com/advisories/725
What do you expected?(预期的正常效果)
For roadhog to be using the updated dependencies
What happen?(发生了何种非正常现象)
npm security report: found 82 vulnerabilities (76 low, 5 moderate, 1 high) in 58417 scanned packages all dependencies of roadhog [dev]
Re-producible online demo (可复现的在线demo)