How to resolve NPM audit vulnerabilities?
Question
After running NPM audit I have identified 5 critical issues. I have tried updating @storybook/addon-essentials & @storybook/react in order to resolve 4 of these as they say patched in >=xxx which implies to me they have been resolved in the atleast the latest versions.
I ran npm i @storybook/addon-essentials@latest @storybook/react@latest and can see package.json (and lock) have latest versions but running an audit again shows the same critical vulnerabilities.
Is there something else I need to update in order to resolve these or have I done something wrong when updating to latest?
There are also some moderate and high vulnerabilities but I have grepped just the critical in order to focus on them for now
I should also add we are using a private registery for our npm installs but it doesn't support audit so having to run npm audit --registry=https://registry.npmjs.org against NPM registry. Not sure if this will make a difference.
1 answers
solution1
-1 2021-12-13 11:46:37
Try running npm audit fix ( Documentation )
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.