If you have a vulnerability that requires manual review, you will have to raise a request to the maintainers of the dependent package to get an update. It will update all the package minor versions to the latest and may fix potential security issues. Therefore, it is not advisable to apply this command without taking a closer look. Hence, this may cause breaking changes in the code. As suggested, npm audit fix --force will upgrade dependencies with issues to a major version. In my case there are still some vulnerabilities to be fixed manually. As a result, it will execute an npm install command under the hood and will upgrade patch versions of the packages with issues.
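To see which findings fall into each of the three cases above before running anything, the report from npm audit --json can be sorted by its fixAvailable field. This is an added example, not code from the original post; it assumes the npm 7+ report layout (fixAvailable is true, false, or an object naming the version to install), and the package names in the sample report are constructed.

```javascript
// Added example: triage `npm audit --json` output (assumes npm 7+, auditReportVersion 2).
// SAMPLE_REPORT is constructed for illustration; the package names are made up.
const SAMPLE_REPORT = {
  auditReportVersion: 2,
  vulnerabilities: {
    "example-parser": { severity: "moderate", fixAvailable: true },
    "example-http": { severity: "high",
      fixAvailable: { name: "example-http", version: "3.0.0", isSemVerMajor: true } },
    "example-build": { severity: "high",
      fixAvailable: { name: "example-build", version: "2.4.1", isSemVerMajor: false } },
    "example-legacy": { severity: "critical", fixAvailable: false },
  },
};

// Sort findings into: fixed by a plain `npm audit fix`, fixed only with
// `npm audit fix --force`, and left for manual review.
function triageAudit(report) {
  if (!report || typeof report.vulnerabilities !== "object" || report.vulnerabilities === null) {
    throw new TypeError("expected npm audit --json output with a 'vulnerabilities' object");
  }
  const buckets = { auditFix: [], needsForce: [], manualReview: [] };
  for (const [name, vuln] of Object.entries(report.vulnerabilities)) {
    const fix = vuln.fixAvailable;
    const entry = { name, severity: vuln.severity || "unknown" };
    if (fix === true) {
      // A non-vulnerable version exists inside the declared range.
      buckets.auditFix.push(entry);
    } else if (fix && typeof fix === "object") {
      // The fix installs a version outside the declared range, so it needs --force.
      buckets.needsForce.push({
        ...entry,
        installs: `${fix.name}@${fix.version}`,
        breaking: Boolean(fix.isSemVerMajor), // true: major bump, review the changelog first
      });
    } else {
      // No fixed version published: ask the maintainers or replace the package.
      buckets.manualReview.push(entry);
    }
  }
  return buckets;
}

console.log(JSON.stringify(triageAudit(SAMPLE_REPORT), null, 2));
```

For a real project, save the output of npm audit --json to a file, parse it with JSON.parse, and pass the result to triageAudit in place of SAMPLE_REPORT.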