npm audit found vulnerabilities
github-actions opened this issue · 4 comments
github-actions commented
# npm audit report
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix`
node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
node_modules/mocha
2 high severity vulnerabilities
To address all issues, run:
npm audit fix
github-actions commented
# npm audit report
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix`
node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
node_modules/mocha
2 high severity vulnerabilities
To address all issues, run:
npm audit fix
github-actions commented
# npm audit report
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix`
node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
node_modules/mocha
2 high severity vulnerabilities
To address all issues, run:
npm audit fix
boly38 commented
$ npm outdated --depth=3
Package Current Wanted Latest Location Depended by
chai 4.3.4 4.3.6 4.3.6 node_modules/chai node-mongotools
dateformat 4.6.3 4.6.3 5.0.3 node_modules/dateformat node-mongotools
dropbox-v2-api 2.4.52 2.5.6 2.5.6 node_modules/dropbox-v2-api node-mongotools
mocha 9.1.3 9.2.2 10.1.0 node_modules/mocha node-mongotools
nanoid 3.2.0 3.3.4 4.0.0 node_modules/nanoid node-mongotools
# once updated
$ npm list minimatch
node-mongotools@2.0.2 C:\WORK\perso\node-mongotools
├─┬ mocha@10.1.0
│ ├─┬ glob@7.2.0
│ │ └── minimatch@3.0.4
│ └── minimatch@5.0.1
└─┬ nyc@15.1.0
└─┬ test-exclude@6.0.0
└── minimatch@3.0.4 deduped
boly38 commented
need to switch to module type