[英]wan i create new react App using npx create-react-app App_Name Its Show This Error (found 8 vulnerabilities)
wan 我在 react 命令中創建了一個新應用程序,用於創建應用程序npx create-react-app其顯示此錯誤在 2166 個掃描包中發現 8 個漏洞(4 個中等,4 個高) 8 個漏洞需要手動審查。 有關詳細信息,請參閱完整報告。 I'm using the latest version of node.js I run Comment " npm audit fix " Or " npm audit fix --force " But it Not Fix my error Here is All error Command " NPM Audit "
Moderate Regular Expression Denial of Service
Package postcss
Patched in >=7.0.36 <8.0.0 || >=8.2.10
Dependency of react-scripts
Path react-scripts > resolve-url-loader > postcss
More info https://npmjs.com/advisories/1693
Moderate Regular Expression Denial of Service
Package browserslist
Patched in >=4.16.5
Dependency of react-scripts
Path react-scripts > react-dev-utils > browserslist
More info https://npmjs.com/advisories/1747
Moderate Regular expression denial of service
Package glob-parent
Patched in >=5.1.2
Dependency of react-scripts
Path react-scripts > webpack > watchpack > watchpack-chokidar2 >
chokidar > glob-parent
More info https://npmjs.com/advisories/1751
Moderate Regular expression denial of service
Package glob-parent
Patched in >=5.1.2
Dependency of react-scripts
Path react-scripts > webpack-dev-server > chokidar > glob-parent
More info https://npmjs.com/advisories/1751
High Denial of Service
Package css-what
Patched in >=5.0.1
Dependency of react-scripts
Path react-scripts > @svgr/webpack > @svgr/plugin-svgo > svgo >
css-select > css-what
More info https://npmjs.com/advisories/1754
High Denial of Service
Package css-what
Patched in >=5.0.1
Dependency of react-scripts
Path react-scripts > optimize-css-assets-webpack-plugin > cssnano
> cssnano-preset-default > postcss-svgo > svgo > css-select
> css-what
More info https://npmjs.com/advisories/1754
High Regular Expression Denial of Service
Package normalize-url
Patched in >=4.5.1 <5.0.0 || >=5.3.1 <6.0.0 || >=6.0.1
Dependency of react-scripts
Path react-scripts > mini-css-extract-plugin > normalize-url
More info https://npmjs.com/advisories/1755
High Regular Expression Denial of Service
Package normalize-url
Patched in >=4.5.1 <5.0.0 || >=5.3.1 <6.0.0 || >=6.0.1
Dependency of react-scripts
Path react-scripts > optimize-css-assets-webpack-plugin > cssnano
> cssnano-preset-default > postcss-normalize-url >
normalize-url
More info https://npmjs.com/advisories/1755
found 8 vulnerabilities (4 moderate, 4 high) in 2166 scanned packages
8 vulnerabilities require manual review. See the full report for details.
我該如何解決這個錯誤。
請參閱我幾周前在此處發布的問題postcss 7.0.0 - 8.2.9 Severity:中等正則表達式拒絕服務。
簡短的回答是還沒有補丁,所以你應該等待,或者,如果你買不起,那么你將需要使用yarn
,如答案之一所述。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.