NPM-AUDIT find to high vulnerabilities. What am I supposed to do?

前端 未结 7 2126
清歌不尽
清歌不尽 2021-02-19 11:16

npm audit run on my project and got me this

High Command Injection
Dependency of @angular-devkit/build-angular [dev]

7条回答
  •  滥情空心
    2021-02-19 11:40

    Add below code to package.json

    "resolutions": {
    "tree-kill":"1.2.2"
    }
    

    Remove all node modules:

    rm -r node_modules
    

    Update package-lock.json for new version 1.2.2 as :

    npx npm-force-resolutions
    

    Now install node modules:

    npm install
    

    This works for me.

提交回复
热议问题