Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

vulnerability from npm audit

See original GitHub issue

Link to bug demonstration repository

Expected Behavior

should pass npm audit

Observed Behavior

does not

Environment Information

# paste the output here
$ npx envinfo@latest --preset nyc
npx: installed 1 in 1.793s

  System:
    OS: macOS Mojave 10.14.4
    CPU: (4) x64 Intel(R) Core(TM) i5-7267U CPU @ 3.10GHz
    Memory: 86.77 MB / 8.00 GB
  Binaries:
    Node: 11.10.1 - /usr/local/bin/node
    Yarn: 1.5.1 - /usr/local/bin/yarn
    npm: 6.9.0 - ~/.npm-packages/bin/npm
  npmPackages:
    @babel/cli: ^7.4.3 => 7.4.3 
    @babel/node: ^7.2.2 => 7.2.2 
    babel-eslint: ^8.2.3 => 8.2.6 
    nyc: ^13.3.0 => 13.3.0

Issue Analytics

State:
Created 4 years ago
Comments:6 (3 by maintainers)

Top GitHub Comments

4reactions

coreyfarrellcommented, Apr 16, 2019

have you deleted/regenerated your yarn.lock and/or package-lock.json?

1reaction

aaddaammcommented, Apr 16, 2019

I’ve upgraded to v14 but i’m still seeing the audit error for nyc > istanbul-reports > handlebars. https://www.npmjs.com/advisories/755

Node 8.15.0 npm 6.4.1 yarn 1.15.2

Top Results From Across the Web

Auditing package dependencies for security vulnerabilities

Running a security audit with npm audit · On the command line, navigate to your package directory by typing cd path/to/your-package-name and pressing...

How to Fix Security Vulnerabilities with NPM - IFS Blog

Else, to resolve the vulnerabilities automatically run npm audit fix command. As a result, it will execute a npm install command under the...

Don't be alarmed by vulnerabilities after running NPM Install

What does the audit command do? It takes the current version of a package in your project and checks the list of known...

Fixing security vulnerabilities in npm dependencies in less ...

🔭 npm audit 2.1) To fix any dependency, you need to first know which npm package depends on that. This will tell you...

NPM Audit: How to Scan Packages for Security Vulnerabilities

npm audit is a built-in security feature that scans your project for security vulnerabilities, and if available, provides an assessment report ...