You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ cd test
johnd@RazerBlade MINGW64 ~/test
$ npm install surge
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
added 112 packages in 10s
4 packages are looking for funding
run `npm fund` for details
johnd@RazerBlade MINGW64 ~/test
$ npm audit
# npm audit report
minimist 1.0.0 - 1.2.5
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
fix available via `npm audit fix --force`
Will install surge@0.9.0, which is a breaking change
node_modules/minimist
surge >=0.1.0
Depends on vulnerable versions of minimist
Depends on vulnerable versions of request
node_modules/surge
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
fix available via `npm audit fix --force`
Will install surge@0.9.0, which is a breaking change
node_modules/request
3 vulnerabilities (1 moderate, 2 critical)
To address all issues (including breaking changes), run:
npm audit fix --force
However, even using npm audit fix --force did not clear up the critical vulnerabilities
The text was updated successfully, but these errors were encountered:
However, even using npm audit fix --force did not clear up the critical vulnerabilities
The text was updated successfully, but these errors were encountered: