When I'm trying to run 'npm update' I get 31 vulnerabilities. 'npm audit fix' and 'npm audit fix --force'. Do not seem to help. I think I need to manually update the vulnerabilities. But how do I do this?
A piece of of the output after running 'npm audit' shows this:
By npm audit fix
you get packages with vulnerabilities or packages that use other packages that has vulnerabilities.
- You can simply read audit packages:
strip-ansi 4.0.0 - 5.2.0 Depends on vulnerable versions of ansi-regex
- You can update or downgrade that package as your requirements, npm official site
- You can search about that package , theirs all kind of information about package
By the way, there is a saying that "don't fix a code if it's Running fine"