koa2第一天安裝koa2found 1 low severity vulnerability run `npm audit fix` to fix them, or `npm audit` for

時間 2019-12-16

標籤 koa2 koa 第一天安裝 koa2found low severity vulnerability run npm audit fix 简体版

原文原文鏈接

安裝全局koa2：npm install -g koa2 -generator

建立一個koa2文件夾：koa2 -e koa2

進入koa2文件夾：cd koa2

安裝npm模塊：npm install

顯示以下結果，能夠看到，英文提示有一個漏洞須要修復html

：node

　C:\Users\Administrator\Desktop\koa2-1-1\koa2>npm installnpm

npm WARN deprecated swig@1.4.2: This package is no longer maintained
npm WARN deprecated ejs@2.3.4: Critical security bugs fixed in 2.5.5

> nodemon@1.18.6 postinstall C:\Users\Administrator\Desktop\koa2-1-1\koa2\node_modules\nodemon
> node bin/postinstall || exit 0

Love nodemon? You can now support the project via the open collective:
 > https://opencollective.com/nodemon/donate

npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

added 320 packages from 182 contributors and audited 2414 packages in 186.878s
found 1 low severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details

按照代碼運行 npm audit fixjson

顯示koa

C:\Users\Administrator\Desktop\koa2-1-1\koa2>npm audit fix
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

up to date in 13.094s
fixed 0 of 1 vulnerability in 2414 scanned packages
  1 package update for 1 vuln involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

很明顯沒有解決post

接着運行audit fixthis

顯示：spa

Run  npm install koa-onerror@4.1.0  to resolve 1 vulnerabilitySEMVER WARNING: Recommended action is a potentially breaking change

Low Regular Expression Denial of Servicekoa2

Package uglify-jsorm

Dependency of koa-onerror

Path koa-onerror > swig > uglify-js

More info https://nodesecurity.io/advisories/48

found 1 low severity vulnerability in 2414 scanned packages

　　運行

npm install koa-onerror@4.1.0
顯示

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

+ koa-onerror@4.1.0
added 1 package from 1 contributor, removed 15 packages, updated 1 package and audited 2401 packages in 14.254s
found 0 vulnerabilities

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。

koa2第一天 安裝koa2found 1 low severity vulnerability run `npm audit fix` to fix them, or `npm audit` for

koa2第一天安裝koa2found 1 low severity vulnerability run `npm audit fix` to fix them, or `npm audit` for