Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
v3.0.1 does not work with NodeJS
See original GitHub issuev3.0.1 of dependency-check no longer works on NodeJS/NPM projects.
Reproduce the issue by following these steps using both dependency-check@v2.0.1 and dependency-check@v3.0.1:
- Set up an example NodeJS/NPM project and install a package with a known vulnerability
- I used an old version of uglify-js, any version before 2.6.0 has vulnerabilities:
mkdir test && cd test && npm init -y && npm i -D uglify-js@2.4.1
- Run dependency-check on the project:
dependency-check --enableExperimental --project test --log ./log.txt -f ALL -o ./ -s ./
v2.0.1 Scan Info and Results:
- dependency-check version: 2.0.1
- Dependencies Scanned: 24 (8 unique)
- Vulnerable Dependencies: 1
- Vulnerabilities Found: 3
- Vulnerabilities Suppressed: 0
- Vulnerabilities:
- cpe:/a:uglifyjs_project:uglifyjs:2.4.1
- CVE-2015-8858
- NSP-48
- NSP-39
v3.0.1Scan Info and Results:
- dependency-check version: 3.0.1
- Dependencies Scanned: 9 (8 unique)
- Vulnerable Dependencies: 0
- Vulnerabilities Found: 0
- Vulnerabilities Suppressed: 0
- Vulnerabilities:
- NONE
Issue Analytics
- State:
- Created 6 years ago
- Comments:8 (2 by maintainers)
Top Results From Across the Web
npm WARN npm npm does not support Node.js v9.1.0
It turns out that the current installed npm is not compatible with the new node and has a hard time updating. The solution...
Read more >Nov 3 2022 Security Releases - Node.js
(Update 04-November-2022) Security releases available. Updates are now available for v14,x, v16.x, v18.x and v19.x Node.js release lines for ...
Read more >15 Common Error Codes in Node.js and How to Fix Them
However, most of the information to fix these problems are currently ... 3. ETIMEDOUT. The ETIMEDOUT error is thrown by the Node.js runtime ......
Read more >Troubleshooting | Puppeteer
For the former, we do not support deprecated versions of Node.js. ... such as jest ) will work (e.g. https://github.com/puppeteer/puppeteer/issues/9121) ...
Read more >Express/Node introduction - Learn web development | MDN
Node (or more formally Node.js) is an open-source, cross-platform ... Other common web-development tasks are not directly supported by Node ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
@stevespringett Maybe this one? 😬
see rxaviers/gist:7360908 :octocat:
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.