如何修复npm审核报告 [英] how to fix the npm audit report
问题描述
当我运行npm audit命令
=== npm审核安全报告===
=== npm audit security report ===
`Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance `
High │ Arbitrary File Overwrite
Package │ tar
Patched in │ >=4.4.2
Dependency of │ @angular-devkit/build-angular [dev]
Path │ @angular-devkit/build-angular > node-sass > node-gyp >tar
More info │ https://nodesecurity.io/advisories/803
说found 1 high severity vulnerability in 42611 scanned packages
1 vulnerability requires manual review
.由于它与@angular-devkit/build-angular
有关,我担心它是否会在我的项目中造成任何其他问题.
its saying found 1 high severity vulnerability in 42611 scanned packages
1 vulnerability requires manual review
. As its related to @angular-devkit/build-angular
, I am afraid whether it will create any other issue in my project.
当我运行npm audit fix命令
npm WARN optional SKIPPING OPTIONAL
DEPENDENCY:fsevents@1.2.9 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL
DEPENDENCY:Unsupported platform for
fsevents@1.2.9: wanted {"os":"darwin","arch":"any"}
(current: {"os":"linux","arch":"x64"})
因此,如何在具有Linux操作系统的任何系统中解决此问题.让我们考虑忽略上面的npm审核修复结果,因为它是一个警告.但是,npm审核的结果被认为是高度严重的漏洞.如何解决这个问题.
So how to fix this in any system having linux operating system. Lets consider ignoring the above npm audit fix result,because somehow its an warning. But the result of npm audit is considered as a high severity vulnerability. How to fix this.
Angular CLI版本
Angular CLI: 7.3.8
Node: 10.0.0
OS: linux x64
Angular: 7.2.14
... animations, common, compiler, compiler-cli, core, forms
... language-service, platform-browser, platform-browser-dynamic
... router
Package Version
-----------------------------------------------------------
@angular-devkit/architect 0.13.8
@angular-devkit/build-angular 0.13.8
@angular-devkit/build-optimizer 0.13.8
@angular-devkit/build-webpack 0.13.8
@angular-devkit/core 7.3.8
@angular-devkit/schematics 7.3.8
@angular/cli 7.3.8
@ngtools/webpack 7.3.8
@schematics/angular 7.3.8
@schematics/update 0.13.8
rxjs 6.3.3
typescript 3.2.4
webpack 4.29.0
帮助我解决此问题.谢谢
Help me in fixing this. thank you
推荐答案
删除node_modules
和package-lock.json
,然后运行命令:
Delete the node_modules
andpackage-lock.json
, then run the commands:
-
npm install
-
npm audit
-
npm audit fix
-
npm audit
npm install
npm audit
npm audit fix
npm audit
Found 0 vulnerabilities
将会出现,问题已解决.
Found 0 vulnerabilities
will appear, problem fixed.
这篇关于如何修复npm审核报告的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!