You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
React
Amplify APIs
Not applicable
Amplify Categories
auth
Environment information
before:
$ npm i
up to date, audited 1467 packages in 3s
...
3 vulnerabilities (2 low, 1 moderate)
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
after:
$ npm i @aws-amplify/auth
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated uglify-es@3.3.9: support for ECMAScript is superseded by `uglify-js` as of v3.13.0
added 556 packages, and audited 2023 packages in 20s
...
34 vulnerabilities (2 low, 9 moderate, 23 high)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
Describe the bug
the package has dependencies that NPM categorizes as having high severity security vulnerabilities
Expected behavior
no dependencies on packages with known vulnerabilities
Reproduction steps
npm i @aws-amplify/auth
Code Snippet
// Put your code below this line.
Log output
// Put your logs below this line
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered:
Thanks for this @jcoyne, in installing now, I am not receiving the high vulnerabilities. Can you please confirm with the latest you are no longer seeing the high vulnerabilities? Thanks ahead of time.
Before opening, please confirm:
JavaScript Framework
React
Amplify APIs
Not applicable
Amplify Categories
auth
Environment information
before:
after:
Describe the bug
the package has dependencies that NPM categorizes as having high severity security vulnerabilities
Expected behavior
no dependencies on packages with known vulnerabilities
Reproduction steps
npm i @aws-amplify/auth
Code Snippet
// Put your code below this line.
Log output
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
The text was updated successfully, but these errors were encountered: