How to get rid of the ‘hoek’ vulnerabilities

前端 未结 3 1864
梦如初夏
梦如初夏 2021-02-12 06:04

I recently pushed an Angular CLI 5 application to GitHub and it indicated the following:

We found a potential security vulnerability in one of your dependencies.         


        
3条回答
  •  别跟我提以往
    2021-02-12 06:52

    You should runrm package-lock.json && npm update && npm install, if this still doesn't fix your issue, you can then continue by running npm ls hoek, which should gave you:

    ├─┬ fuse-box@3.3.0
    │ └─┬ request@2.81.0
    │   └─┬ hawk@3.1.3
    │     ├─┬ boom@2.10.1
    │     │ └── hoek@2.16.3
    │     ├── hoek@2.16.3
    │     └─┬ sntp@1.0.9
    │       └── hoek@2.16.3
    └── hoek@5.0.3
    

    Check the version of hawk against the one on npm hawk, if it doesn't tally, run npm i hawk --save or npm i hoek@latest --save, then you should also run: npm i karma@latest --save, then npm audit After which I again ran my normal git commands:

    git add .
    git commit -m 'whatever_message'
    git push 
    

    Then you can go back to Github, the security vulnerability should be fixed.

提交回复
热议问题