You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Yeah - People don't really like this security audit feature because it highlights stuff like this in the dev dependencies that are not real vulnerabilities.
Even though mapillary is using brfs to assemble the sprites for browserify, the vulnerability can't affect us downstream because we only use the svgs from their repository. iD doesn't actually run brfs anywhere.
The overagressive warning is reported here: npm/npm#20564 and I think they are working on it, but it's hard to tell since they have switched the project to a new repository.
On installation I got recommendation to run
npm audit fix
ornpm audit
due to "1 moderate severity vulnerability"npm audit fix
was unable to fix issue automatically and recommended runningnpm audit
to get detailed info.The text was updated successfully, but these errors were encountered: