-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix Vulnerable Dependencies Marked by npm audit #27
Comments
https://nodesecurity.io/advisories/877 https://nodesecurity.io/advisories/1084 |
To run the audit in the first place we'll need a little tweak in the project with the new architecture: |
Note: vulnerabilities that have no patches to them are not fixed (of course) Fixes hyperledger#27
Note: vulnerabilities that have no patches to them are not fixed (of course) Fixes hyperledger#27 Signed-off-by: Peter Somogyvari <peter.metz@unarin.com>
Note: vulnerabilities that have no patches to them are not fixed (of course) Fixes hyperledger#27 Signed-off-by: Peter Somogyvari <peter.metz@unarin.com>
Note: vulnerabilities that have no patches to them are not fixed (of course) Fixes hyperledger#27 Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>
Note: vulnerabilities that have no patches to them are not fixed (of course) Fixes #27 Signed-off-by: Peter Somogyvari <peter.somogyvari@accenture.com>
If necessary, using
npm audit fix --force
is justified as well.Might need to get rid of the 8.x NodeJS engine requirement first because the upgraded dependencies may break on 8.x.
The text was updated successfully, but these errors were encountered: