-
Bug
-
Resolution: Done
-
Minor
-
None
-
None
-
False
-
None
-
False
+ npm install --ignore-scripts npm WARN deprecated json3@3.3.2: Please use the native JSON object instead of JSON 3 npm WARN deprecated circular-json@0.3.3: CircularJSON is in maintenance only, flatted is its successor. npm WARN deprecated core-js@2.6.10: core-js@<3.0 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3. npm notice created a lockfile as package-lock.json. You should commit this file. added 327 packages from 645 contributors and audited 1370 packages in 13.099s found 2 vulnerabilities (1 low, 1 critical) run `npm audit fix` to fix them, or `npm audit` for details
Output from npm audit:
=== npm audit security report === # Run npm install --save-dev mocha@6.2.2 to resolve 2 vulnerabilities SEMVER WARNING: Recommended action is a potentially breaking change Critical Command Injection Package growl Dependency of mocha [dev] Path mocha > growl More info https://nodesecurity.io/advisories/146 Low Regular Expression Denial of Service Package debug Dependency of mocha [dev] Path mocha > debug More info https://nodesecurity.io/advisories/534 found 2 vulnerabilities (1 low, 1 critical) in 1370 scanned packages 2 vulnerabilities require semver-major dependency updates.
