We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
https://docs.npmjs.com/cli/audit.html
npm audit 是 npm 6 新增的一个命令,可以允许开发人员分析复杂的代码并查明特定的漏洞。在刚刚发布的 npm 6.1.0 版本中,开发团队对该命令进行了完善。现在可使用 npm audit fix 子命令自动修复检测到的漏洞,而不必再自己进行跟踪和修复。
当你npm audit的时候 会提示: found 15 vulnerabilities (6 low, 8 moderate, 1 high) in 2810 scanned packages runnpm audit fixto fix 7 of them.
found 15 vulnerabilities (6 low, 8 moderate, 1 high) in 2810 scanned packages run
to fix 7 of them.
会提示 6 low, 8 moderate, 1 high
出现 high 就要注意了
$ npm audit fix --force
执行下命令,如果还有存在 high , 需要更替包的方案
yarn 也可以使用
更新yarn到 1.16.x 版本
执行 yarn audit 检查包 yarn audit fix -- force 修复 (删除已经存在的yarn.lock 和 node_module 包)
yarn audit
yarn audit fix -- force
The text was updated successfully, but these errors were encountered:
No branches or pull requests
https://docs.npmjs.com/cli/audit.html
npm audit 是 npm 6 新增的一个命令,可以允许开发人员分析复杂的代码并查明特定的漏洞。在刚刚发布的 npm 6.1.0 版本中,开发团队对该命令进行了完善。现在可使用 npm audit fix 子命令自动修复检测到的漏洞,而不必再自己进行跟踪和修复。
当你npm audit的时候 会提示:
found 15 vulnerabilities (6 low, 8 moderate, 1 high) in 2810 scanned packages runnpm audit fixto fix 7 of them.会提示 6 low, 8 moderate, 1 high
出现 high 就要注意了
$ npm audit fix --force执行下命令,如果还有存在 high , 需要更替包的方案
yarn 也可以使用
更新yarn到 1.16.x 版本
执行
yarn audit检查包yarn audit fix -- force修复 (删除已经存在的yarn.lock 和 node_module 包)The text was updated successfully, but these errors were encountered: