webpack-dev-server@3.1.14 在使用 npm 审计时获取缺少的源验证 [英] webpack-dev-server@3.1.14 getting Missing Origin Validation while using npm audit

问题描述

我已将 webpack-dev-server 更新到最新的 3.1.14，但在使用 npm audit --fix<时仍然遇到漏洞问题/代码>.我已经尝试了每一件事.清理缓存.清除所有模块并再次安装，但都是一样的.

I have update the webpack-dev-server to the latest 3.1.14 but I am still getting vulnerability issue while using npm audit --fix. I have tries every thing. cleaning cache. clearing all modules and install again but all same.

以下是我运行 npm audit

$ npm audit

                   === npm audit security report ===                        


                             Manual Review                                  
         Some vulnerabilities require your attention to resolve             

      Visit https://go.npm.me/audit-guide for additional guidance           




  High            Missing Origin Validation                                     

  Package         webpack-dev-server                                            

  Patched in      >=3.1.11                                                      

  Dependency of   webpack-dev-server [dev]                                      

  Path            webpack-dev-server                                            

  More info       https://nodesecurity.io/advisories/725                        

found 1 high severity vulnerability in 60688 scanned packages
  1 vulnerability requires manual review. See the full report for details.

推荐答案

似乎是由于 npm 漏洞数据库中的拼写错误.希望尽快修复:https://npm.community/t/npm-audit-sweems-to-get-semver-wrong/4352

Seems to be due to a typo in the npm vulnerability database. Hopefully fixed soon: https://npm.community/t/npm-audit-sweems-to-get-semver-wrong/4352

这篇关于webpack-dev-server@3.1.14 在使用 npm 审计时获取缺少的源验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！