Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
NPM audit to fix
See original GitHub issueSubject of the issue
Hi, npm audit alerts me about vulnerabilities. We need to fix debug and cheerio (for x-ray-crawler) dependencies.
Your environment
- version of node: 9.4.0
- version of npm: 6.2.0
Steps to reproduce
npm audit
Expected behaviour
Should not throw alerts
Actual behaviour
Throws 2 alerts
Issue Analytics
- State:
- Created 5 years ago
- Reactions:5
- Comments:5
Top Results From Across the Web
npm-audit
The npm audit fix command will exit with 0 exit code if no vulnerabilities are found or if the remediation is able to...
Read more >What does "npm audit fix" exactly do? - Stack Overflow
npm audit fix is intended to automatically upgrade / fix vulnerabilities in npm packages. However, I haven't found out what it exactly does ......
Read more >How to Fix Security Vulnerabilities with NPM - IFS Blog
Else, to resolve the vulnerabilities automatically run npm audit fix command. As a result, it will execute a npm install command under the ......
Read more >npm audit: Broken by Design - Overreacted
As of today, npm audit is a stain on the entire npm ecosystem. The best time to fix it was before rolling it...
Read more >How to Fix Your Security Vulnerabilities with NPM Overrides
Running npm update did not change the number of vulnerable packages and strangely npm audit fix added another vulnerability. What does the ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I think you’re right. Our dependencies seem to be causing those failures all over the place.
@matthewmueller, any objection to moving minimum to Node 6 (currently in LTS status) to keep our CI tests working?
Fixed by https://github.com/matthewmueller/x-ray/tree/2.3.4