问题
I have update the webpack-dev-server to the latest 3.1.14 but I am still getting vulnerability issue while using npm audit --fix. I have tries every thing. cleaning cache. clearing all modules and install again but all same.
Following is the error when I run npm audit
$ npm audit
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High Missing Origin Validation
Package webpack-dev-server
Patched in >=3.1.11
Dependency of webpack-dev-server [dev]
Path webpack-dev-server
More info https://nodesecurity.io/advisories/725
found 1 high severity vulnerability in 60688 scanned packages
1 vulnerability requires manual review. See the full report for details.
回答1:
Seems to be due to a typo in the npm vulnerability database. Hopefully fixed soon: https://npm.community/t/npm-audit-sweems-to-get-semver-wrong/4352
来源:https://stackoverflow.com/questions/54004545/webpack-dev-server3-1-14-getting-missing-origin-validation-while-using-npm-audi