在 npm install 上发现 4 个漏洞 [英] Found 4 vulnerabilities on npm install
问题描述
我刚刚开始使用 react-native.在安装这个包
I am just getting started with react-native. On installing this package
npm install --save react-native-validator-form
https://github.com/NewOldMax/react-native-验证器表单/问题/3
我被提示进行 npm 审计
并且我看到了 4 个漏洞(如上所列)
I was prompted to npm audit
and I was shown 4 vulnerabilities (listed above)
运行 2 个辅助命令后,提示我另外 2 个漏洞(见链接)
After running the 2 helper commands, I was prompted with another 2 vulnerabilities (see link)
如何解决剩余的问题?
更新相应的 npm 包不起作用.
Updating the respective npm packages didn't work.
不确定如何进行?
推荐答案
这是包含审计命令的新 npm 版本的结果.
This is a result of the new npm version including the audit command.
这不是 Angular CLI 的新问题,npm 只是在 npm 中引入了新功能来警告用户他们正在安装的包中的漏洞 - 所以 Angular 中没有新"漏洞,只是现在 npm现在就已经存在的漏洞向您发出警告:
It isn't some new issue with the Angular CLI, npm just introduced new functionality in npm to warn users about vulnerabilities in the packages they're installing - so there's no "new" vulnerability in Angular, it's just that now npm is now warning you about vulnerabilities that already existed:
大多数问题源于 Karma,因此需要在那里修复它,以便 Angular 团队引入新的 Karma 版本 karma-runner/karma#2994
Most of the issues stem from Karma, so it'd need to be fixed there for the Angular team to pull in a new Karma version karma-runner/karma#2994
这篇关于在 npm install 上发现 4 个漏洞的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!