python (65.1k questions)

javascript (44.2k questions)

reactjs (22.7k questions)

java (20.8k questions)

c# (17.4k questions)

html (16.3k questions)

r (13.7k questions)

android (12.9k questions)

Questions - npm-audit

Overriding nested dependencies in Node.js projects to improve "npm audit" vulnerability report

I got some vulnerabilities resolved in my Node.js project by forcing some nested dependency updates but I need help understanding what's actually happening behind the scene of this improvement. Here i...
test-img

AliReza

node.js

npm

package.json

package-lock.json

npm-audit

Votes: 0

Answers: 1

Latest Answer

As the saying goes, "It's not the things that you don't know that get you into trouble. It's the things that you know for sure but that just ain't so.". In your case: I know "npm insta...
test-img

Christian Fritz

npm audit fix not updating package.json

I want to fix one vulnerability and after lot of hit and trial, I want to use the fix given by npm audit fix. The npm audit says: # Run npm update mkdirp --depth 8 to resolve 10 vulnerabilities ...
test-img

user124

node.js

npm

package.json

package-lock.json

npm-audit

Votes: 0

Answers: 1

Latest Answer

Only changes are done in package-lock.json which we are not suppose to checkin This is wrong, you should check this in. It's the whole point of the file to make sure anyone else using the repo is r...
test-img

Daniel Douglas

Fixing NPM vulnerabilities

I am following a TypeScript tutorial. Unfortunately, the packages are outdated and I got a warning about vulnerabilities. I followed a bunch of suggestions from npm check and update package if needed...
test-img

Thomas Weller

node.js

dependencies

npm-audit

npm-vulnerabilities

dependency-tree

Votes: 0

Answers: 3

Latest Answer

As per the comments, I have already tried all commands for the general case, in which case you need to start analyzing individual packages. So, what did I do? Update all dependencies to the latest ve...
test-img

Thomas Weller

Istio Virtual Service - Proxy to external HTTPS service

I'm trying to proxy HTTP requests with specified URI prefix to an external HTTPS server. The idea is to use ower internal Nexus Repository manager for NPM, but don't loosethe ability for 'npm audit' l...
test-img

Sebastian A.

nexus

istio

istio-gateway

npm-audit

Votes: 0

Answers: 1

Latest Answer

Found a solution: You need to add an DestinationRule with TLS mode 'SIMPLE' to connect to an external HTTPS service. The whole configuration for my issue with forwarding 'npm audit' requests to public...
test-img

Sebastian A.

Posts

Questions

Blogs

Jobs