Home > Enterprise >  how to manually fix npm vulnerabilities?
how to manually fix npm vulnerabilities?

Time:10-24

When I'm trying to run 'npm update' I get 31 vulnerabilities. 'npm audit fix' and 'npm audit fix --force'. Do not seem to help. I think I need to manually update the vulnerabilities. But how do I do this?

A piece of of the output after running 'npm audit' shows this: npm audit fix

By npm audit fix you get packages with vulnerabilities or packages that use other packages that has vulnerabilities.

  • You can simply read audit packages:

strip-ansi 4.0.0 - 5.2.0 Depends on vulnerable versions of ansi-regex

  • You can update or downgrade that package as your requirements, npm official site
  • You can search about that package , theirs all kind of information about package

By the way, there is a saying that "don't fix a code if it's Running fine"

  • Related