Home > database >  npm install testcafe --save-dev give vulnerabilities
npm install testcafe --save-dev give vulnerabilities

Time:04-19

I'm new to testcafe and when I run npm install testcafe --save-dev, I get the following errors. I tried installing [email protected] which it says is the fix but I get even more vulnerabilities...not sure what to do here! Thanks!

async <2.6.4

Severity: high

Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25 fix available via npm audit fix --force Will install [email protected], which is a breaking change node_modules/testcafe/node_modules/async

testcafe-legacy-api <=5.1.2 Depends on vulnerable versions of async node_modules/testcafe/node_modules/testcafe-legacy-api

testcafe <=1.18.6-rc.1 Depends on vulnerable versions of testcafe-legacy-api node_modules/testcafe

3 high severity vulnerabilities

CodePudding user response:

We already addressed this issue:

https://github.com/DevExpress/testcafe-legacy-api/issues/59.

The next minor TestCafe update will include this fix.

  • Related