New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
found 5 vulnerabilities (1 low, 4 high) #2201
Comments
|
Those issues have been "known" forever because they are references to gulp 3 (notice the gaze dependency?). |
Sorry. I was installing gulp at npm without specifying the version. Without specifying the version, running 'npm install gulp' seemed to install version 3.9.1. The problem was solved by specifying the version of gulp and running npm install. |
the rest of the problems are related to gulp, and according to the team "None of these warnings pose any real risk to you as a user of gulp, so you can ignore them." gulpjs/gulp#2201
Hi.
I installed gulp globally. A warning indicating that the dependent library is vulnerable has been output.
I execute
npm audit
command. Result is below.I should execute
npm audit fix
command? Or I need to executenpm update minimatch/lodash
?The text was updated successfully, but these errors were encountered: