I am getting the following error while installing the multer package using npm.

dicer  *
Severity: high
Crash in HeaderParser in dicer - https://github.com/advisories/GHSA-wm7h-9275-46v2
No fix available
node_modules/dicer
  busboy  <=0.3.1
  Depends on vulnerable versions of dicer
  node_modules/busboy
    multer  <=2.0.0-rc.3
    Depends on vulnerable versions of busboy
    node_modules/multer
3 high severity vulnerabilities
Some issues need review, and may require choosing
a different dependency.

CodePudding user response：

This is due to vulnerability in dicer dependency. Multer will still work, right now no fix is available. Maybe it will be resolved in next update. Check this GitHub reviewed vulnerability

CodePudding user response：

I am a novice and this is not advice on what you should do - I'm just relaying what I did and what the outcome was.

This is a duplicate of my post on the same issue, on GitHub

After deploying my Vuejs3 app a week ago to Firebase, I was prompted to upgrade to the newest version of Firebase Tools (11.0.1) via npm. After doing this, I began experiencing the problem detailed in my comment on GitHub.

Having no other solutions on the table, I decided to uninstall firebase tools (npm uninstall -g firebase-tools) and then reinstall the previous version (npm install -g [email protected]).

BUT, after first time I did this, I ran npm audit fix (not npm audit fix --force) and all I got a ton of high severity warnings and problems.

So I decided to once again uninstall firebase tools (npm uninstall -g firebase-tools) and then reinstall the previous version (npm install -g [email protected]) and that's it (did NOT run npm audit fix).

I proceeded to npm run build and firebase deploy --only hosting and it worked just fine. Definitely NOT a great or long-term solution. Good luck!