Closed ralyodio closed 3 months ago
$ npm audit fix
up to date, audited 371 packages in 536ms
57 packages are looking for funding run npm fund for details
npm fund
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via npm audit fix --force Will install twilio@3.40.0, which is a breaking change node_modules/axios twilio 3.41.0 - 4.1.1 || 4.7.0 - 4.19.0 Depends on vulnerable versions of axios node_modules/twilio
npm audit fix --force
2 moderate severity vulnerabilities
To address all issues (including breaking changes), run: npm audit fix --force
I think this issue is fixed now. You can run npm audit fixto get the audit report with "found 0 vulnerabilities". Thanks!
npm audit fix
i posted this back in november ffs.
Preflight Checklist
Problem Description
$ npm audit fix
up to date, audited 371 packages in 536ms
57 packages are looking for funding run
npm fund
for detailsnpm audit report
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via
npm audit fix --force
Will install twilio@3.40.0, which is a breaking change node_modules/axios twilio 3.41.0 - 4.1.1 || 4.7.0 - 4.19.0 Depends on vulnerable versions of axios node_modules/twilio2 moderate severity vulnerabilities
To address all issues (including breaking changes), run: npm audit fix --force
Proposed Solution
$ npm audit fix
up to date, audited 371 packages in 536ms
57 packages are looking for funding run
npm fund
for detailsnpm audit report
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via
npm audit fix --force
Will install twilio@3.40.0, which is a breaking change node_modules/axios twilio 3.41.0 - 4.1.1 || 4.7.0 - 4.19.0 Depends on vulnerable versions of axios node_modules/twilio2 moderate severity vulnerabilities
To address all issues (including breaking changes), run: npm audit fix --force
Alternatives Considered
$ npm audit fix
up to date, audited 371 packages in 536ms
57 packages are looking for funding run
npm fund
for detailsnpm audit report
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via
npm audit fix --force
Will install twilio@3.40.0, which is a breaking change node_modules/axios twilio 3.41.0 - 4.1.1 || 4.7.0 - 4.19.0 Depends on vulnerable versions of axios node_modules/twilio2 moderate severity vulnerabilities
To address all issues (including breaking changes), run: npm audit fix --force
Additional Information
$ npm audit fix
up to date, audited 371 packages in 536ms
57 packages are looking for funding run
npm fund
for detailsnpm audit report
axios 0.8.1 - 1.5.1 Severity: moderate Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx fix available via
npm audit fix --force
Will install twilio@3.40.0, which is a breaking change node_modules/axios twilio 3.41.0 - 4.1.1 || 4.7.0 - 4.19.0 Depends on vulnerable versions of axios node_modules/twilio2 moderate severity vulnerabilities
To address all issues (including breaking changes), run: npm audit fix --force