I have a create-react-app and I add some scripts to use a third-party library how can I check if those libraries have vulnerabilities?
You could use npm run audit
. It is a security audit command, which will alert you of any found vulnerabilities - in your node_modules
, package.lock
& package.json
(You can choose from many flags in that command)
Read more about it here
If you are injecting with <script>
tag itself, I would recommend trying to find the npm
module for it and installing it that way, so you can keep track of everything at once with npm run audit
. If that is not the case, I suppose you could find a vulnerability scanner on google, but I am not so familiar with them to write on their accuracy.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.