You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
browserslist 4.0.0 - 4.16.4
Severity: moderate
Regular Expression Denial of Service - https://npmjs.com/advisories/1747
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/react-dev-utils/node_modules/browserslist
react-dev-utils >=6.0.0-next.03604a46
Depends on vulnerable versions of browserslist
node_modules/react-dev-utils
react-scripts >=0.10.0-alpha.328cb32e
Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
css-what <5.0.1
Severity: high
Denial of Service - https://npmjs.com/advisories/1754
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/css-what
css-select <=3.1.2
Depends on vulnerable versions of css-what
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 2.3.0
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo *
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack >=4.0.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=0.10.0-alpha.328cb32e
Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
postcss-svgo 4.0.0-nightly.2020.1.9 - 5.0.0-rc.2
Depends on vulnerable versions of svgo
node_modules/postcss-svgo
cssnano-preset-default <=4.0.8
Depends on vulnerable versions of postcss-svgo
node_modules/cssnano-preset-default
cssnano 4.0.0-nightly.2020.1.9 - 4.1.11
Depends on vulnerable versions of cssnano-preset-default
node_modules/cssnano
optimize-css-assets-webpack-plugin 3.2.1 || 5.0.0 - 5.0.8
Depends on vulnerable versions of cssnano
node_modules/optimize-css-assets-webpack-plugin
glob-parent <5.1.2
Severity: moderate
Regular expression denial of service - https://npmjs.com/advisories/1751
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/watchpack-chokidar2/node_modules/glob-parent
node_modules/webpack-dev-server/node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of glob-parent
node_modules/watchpack-chokidar2/node_modules/chokidar
node_modules/webpack-dev-server/node_modules/chokidar
watchpack-chokidar2 *
Depends on vulnerable versions of chokidar
node_modules/watchpack-chokidar2
watchpack 1.7.2 - 1.7.5
Depends on vulnerable versions of watchpack-chokidar2
node_modules/watchpack
webpack 4.44.0 - 4.46.0
Depends on vulnerable versions of watchpack
node_modules/webpack
webpack-dev-server 2.0.0-beta - 3.11.2
Depends on vulnerable versions of chokidar
node_modules/webpack-dev-server
@pmmmwh/react-refresh-webpack-plugin 0.3.1 - 0.5.0-beta.4
Depends on vulnerable versions of webpack-dev-server
node_modules/@pmmmwh/react-refresh-webpack-plugin
react-scripts >=0.10.0-alpha.328cb32e
Depends on vulnerable versions of @pmmmwh/react-refresh-webpack-plugin
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of react-dev-utils
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
19 vulnerabilities (9 moderate, 10 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
When i do npm audit fix i got :
`npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! Found: [email protected]
npm ERR! node_modules/type-fest
npm ERR! type-fest@"^0.21.3" from [email protected]
npm ERR! node_modules/ansi-escapes
npm ERR! ansi-escapes@"^4.2.1" from @jest/[email protected]
npm ERR! node_modules/@jest/core
npm ERR! @jest/core@"^26.6.0" from [email protected]
npm ERR! node_modules/jest
npm ERR! peer jest@"^26.0.0" from [email protected]
npm ERR! node_modules/jest-watch-typeahead
npm ERR! 1 more (react-scripts)
npm ERR! 1 more (jest-cli)
npm ERR! ansi-escapes@"^4.3.1" from [email protected]
npm ERR! node_modules/jest-watch-typeahead
npm ERR! jest-watch-typeahead@"0.6.1" from [email protected]
npm ERR! node_modules/react-scripts
npm ERR! react-scripts@"4.0.3" from the root project
npm ERR! 2 more (jest-watcher, terminal-link)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peerOptional type-fest@"^0.13.1" from @pmmmwh/[email protected]
npm ERR! node_modules/@pmmmwh/react-refresh-webpack-plugin
npm ERR! @pmmmwh/react-refresh-webpack-plugin@"0.4.3" from [email protected]
npm ERR! node_modules/react-scripts
npm ERR! react-scripts@"4.0.3" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /home/nay/.npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/nay/.npm/_logs/2021-06-30T11_03_59_029Z-debug.log
`
Then npm audit fix --force
`npm WARN using --force Recommended protections disabled.
npm WARN audit Updating react-scripts to 1.1.5,which is a SemVer major change.
npm WARN deprecated [email protected]: The
npm WARN deprecated [email protected]: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: Please migrate to Workbox: https://developers.google.com/web/tools/workbox/guides/migrations/migrate-from-sw
npm WARN deprecated [email protected]: CircularJSON is in maintenance only, flatted is its successor.
npm WARN deprecated [email protected]: Please migrate to Workbox: https://developers.google.com/web/tools/workbox/guides/migrations/migrate-from-sw
npm WARN deprecated [email protected]: request has been deprecated, see request/request#3142
npm WARN deprecated [email protected]: This loader has been deprecated. Please use eslint-webpack-plugin
npm WARN deprecated [email protected]: Deprecated. Please use https://github.com/webpack-contrib/mini-css-extract-plugin
npm WARN deprecated [email protected]: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated [email protected]: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated [email protected]: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated [email protected]: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated [email protected]: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated [email protected]: out of support
npm WARN deprecated [email protected]: babel-eslint is now @babel/eslint-parser. This package will no longer receive updates.
npm WARN deprecated [email protected]: core-js@<3.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Please, upgrade your dependencies to the actual version of core-js.
added 729 packages, removed 1092 packages, changed 315 packages, and audited 1596 packages in 26s
52 packages are looking for funding
run npm fund for details
npm audit report
braces <2.3.1
Regular Expression Denial of Service - https://npmjs.com/advisories/786
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/braces
micromatch 0.2.0 - 2.3.11
Depends on vulnerable versions of braces
Depends on vulnerable versions of parse-glob
node_modules/micromatch
anymatch 1.2.0 - 1.3.2
Depends on vulnerable versions of micromatch
node_modules/anymatch
sane 1.0.4 - 4.0.1
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of exec-sh
node_modules/sane
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-util
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
Depends on vulnerable versions of jest-jasmine2
Depends on vulnerable versions of jest-message-util
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of jest-snapshot
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
http-proxy-middleware 0.3.0 - 0.17.4
Depends on vulnerable versions of micromatch
node_modules/http-proxy-middleware
webpack-dev-server <=3.11.2
Depends on vulnerable versions of chokidar
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of webpack
Depends on vulnerable versions of yargs
node_modules/webpack-dev-server
jest-message-util 18.5.0-alpha.7da3df39 - 23.1.0 || 23.4.0 - 24.0.0-alpha.16
Depends on vulnerable versions of micromatch
node_modules/jest-message-util
jest-jasmine2 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-matchers
Depends on vulnerable versions of jest-message-util
node_modules/jest-jasmine2
jest-config 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-jasmine2
node_modules/jest-config
jest-matchers >=18.5.0-alpha.7da3df39
Depends on vulnerable versions of jest-message-util
node_modules/jest-matchers
jest-util 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-message-util
node_modules/jest-util
jest-environment-jsdom 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-util
node_modules/jest-environment-jsdom
jest-environment-node 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-util
node_modules/jest-environment-node
jest-snapshot 18.5.0-alpha.7da3df39 - 21.0.0-beta.1
Depends on vulnerable versions of jest-util
node_modules/jest-snapshot
test-exclude <=4.2.3
Depends on vulnerable versions of micromatch
node_modules/test-exclude
babel-plugin-istanbul <=5.0.0
Depends on vulnerable versions of test-exclude
node_modules/babel-plugin-istanbul
babel-jest 14.2.0-alpha.ca8bfb6e - 24.0.0-alpha.16
Depends on vulnerable versions of babel-plugin-istanbul
node_modules/babel-jest
glob-parent <5.1.2
Severity: moderate
Regular expression denial of service - https://npmjs.com/advisories/1751
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/glob-parent
node_modules/webpack-dev-server/node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of glob-parent
node_modules/webpack-dev-server/node_modules/chokidar
webpack-dev-server <=3.11.2
Depends on vulnerable versions of chokidar
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of webpack
Depends on vulnerable versions of yargs
node_modules/webpack-dev-server
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
glob-base *
Depends on vulnerable versions of glob-parent
node_modules/glob-base
parse-glob >=2.1.0
Depends on vulnerable versions of glob-base
node_modules/parse-glob
micromatch 0.2.0 - 2.3.11
Depends on vulnerable versions of braces
Depends on vulnerable versions of parse-glob
node_modules/micromatch
anymatch 1.2.0 - 1.3.2
Depends on vulnerable versions of micromatch
node_modules/anymatch
sane 1.0.4 - 4.0.1
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of exec-sh
node_modules/sane
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-util
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
Depends on vulnerable versions of jest-jasmine2
Depends on vulnerable versions of jest-message-util
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of jest-snapshot
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
http-proxy-middleware 0.3.0 - 0.17.4
Depends on vulnerable versions of micromatch
node_modules/http-proxy-middleware
jest-message-util 18.5.0-alpha.7da3df39 - 23.1.0 || 23.4.0 - 24.0.0-alpha.16
Depends on vulnerable versions of micromatch
node_modules/jest-message-util
jest-jasmine2 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-matchers
Depends on vulnerable versions of jest-message-util
node_modules/jest-jasmine2
jest-config 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-jasmine2
node_modules/jest-config
jest-matchers >=18.5.0-alpha.7da3df39
Depends on vulnerable versions of jest-message-util
node_modules/jest-matchers
jest-util 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-message-util
node_modules/jest-util
jest-environment-jsdom 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-util
node_modules/jest-environment-jsdom
jest-environment-node 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
Depends on vulnerable versions of jest-util
node_modules/jest-environment-node
jest-snapshot 18.5.0-alpha.7da3df39 - 21.0.0-beta.1
Depends on vulnerable versions of jest-util
node_modules/jest-snapshot
test-exclude <=4.2.3
Depends on vulnerable versions of micromatch
node_modules/test-exclude
babel-plugin-istanbul <=5.0.0
Depends on vulnerable versions of test-exclude
node_modules/babel-plugin-istanbul
babel-jest 14.2.0-alpha.ca8bfb6e - 24.0.0-alpha.16
Depends on vulnerable versions of babel-plugin-istanbul
node_modules/babel-jest
js-yaml <=3.13.0
Severity: high
Denial of Service - https://npmjs.com/advisories/788
Code Injection - https://npmjs.com/advisories/813
fix available via npm audit fix
node_modules/svgo/node_modules/js-yaml
svgo 0.4.2 - 1.0.5
Depends on vulnerable versions of js-yaml
node_modules/svgo
postcss-svgo <=2.1.6
Depends on vulnerable versions of svgo
node_modules/postcss-svgo
cssnano 3.0.0 - 3.10.0
Depends on vulnerable versions of postcss-svgo
node_modules/cssnano
mem <4.0.0
Denial of Service - https://npmjs.com/advisories/1084
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/mem
os-locale 2.0.0 - 3.0.0
Depends on vulnerable versions of mem
node_modules/webpack/node_modules/os-locale
yargs 4.0.0-alpha1 - 12.0.5 || 14.1.0 || 15.0.0 - 15.2.0
Depends on vulnerable versions of os-locale
Depends on vulnerable versions of yargs-parser
node_modules/webpack-dev-server/node_modules/yargs
node_modules/webpack/node_modules/yargs
node_modules/yargs
jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
Depends on vulnerable versions of jest-jasmine2
Depends on vulnerable versions of jest-message-util
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of jest-snapshot
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-util
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
webpack 2.0.0-beta - 4.0.0-beta.3
Depends on vulnerable versions of yargs
node_modules/webpack
babel-loader 7.0.0-alpha.1 - 7.1.2 || 8.0.0-beta.0 - 8.0.0-beta.6
Depends on vulnerable versions of webpack
node_modules/babel-loader
extract-text-webpack-plugin 2.0.0-beta.0 - 3.0.2
Depends on vulnerable versions of webpack
node_modules/extract-text-webpack-plugin
file-loader 1.1.1 - 1.1.9
Depends on vulnerable versions of webpack
node_modules/file-loader
webpack-dev-server <=3.11.2
Depends on vulnerable versions of chokidar
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of webpack
Depends on vulnerable versions of yargs
node_modules/webpack-dev-server
merge <2.1.1
Severity: high
Prototype Pollution - https://npmjs.com/advisories/1666
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/merge
exec-sh <=0.3.1
Depends on vulnerable versions of merge
node_modules/exec-sh
sane 1.0.4 - 4.0.1
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of exec-sh
node_modules/sane
jest-haste-map 16.1.0-alpha.691b0e22 - 24.0.0
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of sane
node_modules/jest-haste-map
jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-util
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
Depends on vulnerable versions of jest-jasmine2
Depends on vulnerable versions of jest-message-util
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of jest-snapshot
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
trim-newlines <3.0.1 || =4.0.0
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/1753
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/trim-newlines
meow 3.4.0 - 5.0.0
Depends on vulnerable versions of trim-newlines
node_modules/meow
sw-precache >=4.2.0
Depends on vulnerable versions of meow
node_modules/sw-precache
sw-precache-webpack-plugin >=0.8.0
Depends on vulnerable versions of sw-precache
node_modules/sw-precache-webpack-plugin
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
webpack-dev-server <=3.11.2
Severity: high
Missing Origin Validation - https://npmjs.com/advisories/725
Depends on vulnerable versions of chokidar
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of webpack
Depends on vulnerable versions of yargs
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/webpack-dev-server
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
yargs-parser <=13.1.1 || 14.0.0 - 15.0.0 || 16.0.0 - 18.1.1
Prototype Pollution - https://npmjs.com/advisories/1500
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/webpack-dev-server/node_modules/yargs-parser
node_modules/webpack/node_modules/yargs-parser
node_modules/yargs-parser
yargs 4.0.0-alpha1 - 12.0.5 || 14.1.0 || 15.0.0 - 15.2.0
Depends on vulnerable versions of os-locale
Depends on vulnerable versions of yargs-parser
node_modules/webpack-dev-server/node_modules/yargs
node_modules/webpack/node_modules/yargs
node_modules/yargs
jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
Depends on vulnerable versions of jest-jasmine2
Depends on vulnerable versions of jest-message-util
Depends on vulnerable versions of jest-runtime
Depends on vulnerable versions of jest-snapshot
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-cli
jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
Depends on vulnerable versions of jest-cli
node_modules/jest
react-scripts 0.1.0 - 2.1.8
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of file-loader
Depends on vulnerable versions of jest
Depends on vulnerable versions of sw-precache-webpack-plugin
Depends on vulnerable versions of webpack
Depends on vulnerable versions of webpack-dev-server
node_modules/react-scripts
jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
Depends on vulnerable versions of babel-jest
Depends on vulnerable versions of babel-plugin-istanbul
Depends on vulnerable versions of jest-haste-map
Depends on vulnerable versions of jest-util
Depends on vulnerable versions of micromatch
Depends on vulnerable versions of yargs
node_modules/jest-runtime
webpack 2.0.0-beta - 4.0.0-beta.3
Depends on vulnerable versions of yargs
node_modules/webpack
babel-loader 7.0.0-alpha.1 - 7.1.2 || 8.0.0-beta.0 - 8.0.0-beta.6
Depends on vulnerable versions of webpack
node_modules/babel-loader
extract-text-webpack-plugin 2.0.0-beta.0 - 3.0.2
Depends on vulnerable versions of webpack
node_modules/extract-text-webpack-plugin
file-loader 1.1.1 - 1.1.9
Depends on vulnerable versions of webpack
node_modules/file-loader
webpack-dev-server <=3.11.2
Depends on vulnerable versions of chokidar
Depends on vulnerable versions of http-proxy-middleware
Depends on vulnerable versions of webpack
Depends on vulnerable versions of yargs
node_modules/webpack-dev-server
44 vulnerabilities (25 low, 8 moderate, 11 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
`
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
When i use npx create-react-app app-name
i got 19 vulnerabilities :
When i do npm audit fix i got :
Then npm audit fix --force
What should i do ?
Thank you in advance
Beta Was this translation helpful? Give feedback.
All reactions