21 vulnerabilities (11 moderate, 6 high, 4 critical)
idimo opened this issue · 5 comments
all shoud be as expected.
you just have som setting to show warnings.
what happens when you use the project ?
i do not offen do a clean install. but you are right it shows some vulnerabilities, from what i did not know.
i will see if there is any think i can do about that in the furture.
A fast local fix, is to run npm audit fix
and then remove the folder node_modules
and file package-lock.json
and then run npm install
and then npm audit fix
Then there shoud only be one high think left. But by doing this, i cant ensure all work as it shoud. Will look into it.
The one that i have that is still not fixed is:
csv-parse <4.4.6
Severity: high
Regular Expression Denial of Service in csv-parse - https://github.com/advisories/GHSA-582f-p4pg-xc74
fix available via `npm audit fix`
node_modules/steam/node_modules/csv-parse
1 high severity vulnerability
Don't audit fix, just delete everything then re-download the project again
run in npm install
and ignore all those vulnerabilities... and you are good to go.
i did have a small look, into the warnings. as the module Steam
is archived. and will not have any other updates. i cant fix all the warning. if you use npm audit fix
it will just not work. it will remove the warning. but then the npm steam module, will not work.