Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

NPM audit vulnerabilities

See original GitHub issue

Hello,

We have an installation of SpectaQL v1.5.3 in our project. We are seeing some issues when running npm audit. It is recommending us to downgrade to v0.0.2 to fix the vulnerabilities. Currently, there are 11 vulnerabilities listed for SpectaQL.

11 vulnerabilities (3 moderate, 6 high, 2 critical)

Do you plan on bumping the versions for the dependencies that SpectaQL uses?

Thanks

Issue Analytics

  • State:closed
  • Created a year ago
  • Comments:8

github_iconTop GitHub Comments

2reactions
newhousecommented, Nov 28, 2022

Aiming for this week @knidarkness

2reactions
newhousecommented, Nov 11, 2022

I am aiming to take care of this in the 2.0 release.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Auditing package dependencies for security vulnerabilities
Running a security audit with npm audit · On the command line, navigate to your package directory by typing cd path/to/your-package-name and pressing...
Read more >
Don't be alarmed by vulnerabilities after running NPM Install
The NPM registry runs a security audit on NPM packages. ... Results of running NPM install with a list of vulnerabilities found in...
Read more >
How to Fix Security Vulnerabilities with NPM - IFS Blog
How to Fix Security Vulnerabilities with NPM · Try running npm update command. · If you have a vulnerability that requires manual review,...
Read more >
NPM Audit: How to Scan Packages for Security Vulnerabilities
npm audit is a built-in security feature that scans your project for security vulnerabilities, and if available, provides an assessment report ...
Read more >
Fixing security vulnerabilities in npm dependencies in less ...
In order to find potential vulnerabilities in your repo, you can either do. npm audit — which should show you an output like...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

spectaQL directive breaks the GQL server when it's not defined

Next page

Microfiber options (especially removeUnusedTypes) need to be exposed