You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Aug 20, 2023. It is now read-only.
While following the CONTRIBUTIONS.md instructions, when you run an npm install from the main directory, you get the following warning:
✔ Configured custom merge driver
added 1214 packages from 742 contributors and audited 884553 packages in 15.08s
found 1 high severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
After running an npm audit, you get the following message:
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Machine-In-The-Middle │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ https-proxy-agent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.0.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ danger [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ danger > https-proxy-agent │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1184 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 high severity vulnerability in 884553 scanned packages
1 vulnerability requires manual review. See the full report for details.
And, last, after running npm audit fix, this is what I get:
up to date in 4.926s
fixed 0 of 1 vulnerability in 884553 scanned packages
1 vulnerability required manual review and could not be updated
Expected behavior: the main npm install of this package should not include any high vulnerability installations.
The text was updated successfully, but these errors were encountered:
Thank you so much for opening your first issue in this project! We'll try to get back to it as quickly as possible. While you are waiting...here's a random picture of a corgi (powered by dog.ceo)
While following the CONTRIBUTIONS.md instructions, when you run an
npm install
from the main directory, you get the following warning:After running an
npm audit
, you get the following message:And, last, after running
npm audit fix
, this is what I get:Expected behavior: the main npm install of this package should not include any high vulnerability installations.
The text was updated successfully, but these errors were encountered: