Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hi , I'm Vignes #28

Open
Vignes07 opened this issue Mar 8, 2022 · 1 comment
Open

Hi , I'm Vignes #28

Vignes07 opened this issue Mar 8, 2022 · 1 comment

Comments

@Vignes07
Copy link

Vignes07 commented Mar 8, 2022

npm shows
4 high severity vulnerabilities

To address all issues, run:
npm audit fix

how to fix

@Tagvi
Copy link

Tagvi commented Mar 15, 2022

Hi Vignes, the way NPM displays vulnerabilities is most of the time useless. Those aren't vulnerabilities in this case, since this website doesn't have any input to the server or any way that a user can damage the website. Most of the time the vulnerabilities displayed are for dependencies that are run on the development machine, so the only way to exploit such vulns is to hack into the device of whoever is building the production build and alter the code and trust me, if you have such access, you can do much more than use some NPM vulnerabilities against them. Sorry for terrible explanation, but I hope you understand :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants