Skip to content
This repository was archived by the owner on Nov 4, 2022. It is now read-only.

vulnerabilities detected when running npm audit #557

Closed
gghhh456 opened this issue Aug 24, 2018 · 1 comment
Closed

vulnerabilities detected when running npm audit #557

gghhh456 opened this issue Aug 24, 2018 · 1 comment

Comments

@gghhh456
Copy link

Hey there,

I get 3 vulnerabilities (2 low, 1 critical) after installing this package.

npm --version #6.4.0

node -v #8.11.3

vulnerebility
@protoEvangelion
Copy link
Member

@gghhh456 Thanks for reporting :)

Although the warnings were benign AFAIK, I went ahead and updated dependencies to get rid of the npm audit warnings.

A lot of these warnings are not an issue because they either exploit a running server like a DDoS attack or rely on malicious user input. These types of exploits should not affect gh users.

It does feel nice though when the report comes back:

image

Thanks again for reporting and let me know if you still see these warnings after running npm install -g gh

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gghhh456 @protoEvangelion