Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New moderate vulnerability found #9674

Closed
llkevin13579 opened this issue Mar 17, 2020 · 2 comments
Closed

New moderate vulnerability found #9674

llkevin13579 opened this issue Mar 17, 2020 · 2 comments

Comments

@llkevin13579
Copy link

🐛 Bug Report

After installing the latest version(v25.1.0) of jest, the new moderate vulnerability found.

To Reproduce

Steps to reproduce the behavior:

  1. npm i
  2. npm audit
=== npm audit security report ===   
# Run  npm update acorn --depth 11  to resolve 13 vulnerabilities
![image](https://user-images.githubusercontent.com/13827888/76846712-e88c5b00-687b-11ea-96c0-ec684f3ae5e1.png)
![image](https://user-images.githubusercontent.com/13827888/76846762-fa6dfe00-687b-11ea-9311-db5a7809a9d9.png)
![image](https://user-images.githubusercontent.com/13827888/76846776-0063df00-687c-11ea-8d79-36f4c66f2ada.png)
![image](https://user-images.githubusercontent.com/13827888/76846782-05289300-687c-11ea-9ca3-9f02ef13334b.png)
![image](https://user-images.githubusercontent.com/13827888/76846800-09ed4700-687c-11ea-9787-388a174a1ebc.png)
![image](https://user-images.githubusercontent.com/13827888/76846813-0f4a9180-687c-11ea-8ff5-d5a55a1ad274.png)
![image](https://user-images.githubusercontent.com/13827888/76846818-1376af00-687c-11ea-9c3f-884a1a6dfc15.png)
![image](https://user-images.githubusercontent.com/13827888/76846830-183b6300-687c-11ea-8f9f-ff7374ce4b5f.png)
![image](https://user-images.githubusercontent.com/13827888/76846853-212c3480-687c-11ea-9d7c-4dfcd947ba05.png)
![image](https://user-images.githubusercontent.com/13827888/76846885-2be6c980-687c-11ea-878a-e26111eda2c6.png)

Expected behavior

Should not include any unsafe lib.

I try to run npm update acorn --depth 11 but still can't fix this issue

Link to repl or repo (highly encouraged)

envinfo

node version: v10.17.0
npm version: v6.11.3
@thymikee
Copy link
Collaborator

Duplicate of #9643

@thymikee thymikee marked this as a duplicate of #9643 Mar 17, 2020
@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Please note this issue tracker is not a help forum. We recommend using StackOverflow or our discord channel for questions.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

2 participants