You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've used the commands using NPM to try to install the software and I get the following warnings:
`
npm audit report
axios <=0.21.1
Severity: high
Server-Side Request Forgery in Axios - GHSA-4w2v-q235-vp99
Incorrect Comparison in axios - GHSA-cph5-m8f7-6c5x
Depends on vulnerable versions of follow-redirects
No fix available
node_modules/axios
@adguard/hostlist-compiler *
Depends on vulnerable versions of axios
Depends on vulnerable versions of better-ajv-errors
node_modules/@adguard/hostlist-compiler
follow-redirects <=1.14.7
Severity: high
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects - GHSA-pw2r-vq6v-hr8c
Exposure of sensitive information in follow-redirects - GHSA-74fj-2j2h-c42q
No fix available
node_modules/follow-redirects
jsonpointer <5.0.0
Severity: moderate
Prototype Pollution in node-jsonpointer - GHSA-282f-qqgm-c34q
fix available via npm audit fix
node_modules/jsonpointer
better-ajv-errors <=0.8.1
Depends on vulnerable versions of jsonpointer
node_modules/better-ajv-errors
5 vulnerabilities (2 moderate, 3 high)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.`
Does updating these dependencies with a npm audit fix --force break functionality of the tool (looks like only jsonpointer has a fix available at this time)?
Can you please advise?
The text was updated successfully, but these errors were encountered:
I've used the commands using NPM to try to install the software and I get the following warnings:
`
npm audit report
axios <=0.21.1
Severity: high
Server-Side Request Forgery in Axios - GHSA-4w2v-q235-vp99
Incorrect Comparison in axios - GHSA-cph5-m8f7-6c5x
Depends on vulnerable versions of follow-redirects
No fix available
node_modules/axios
@adguard/hostlist-compiler *
Depends on vulnerable versions of axios
Depends on vulnerable versions of better-ajv-errors
node_modules/@adguard/hostlist-compiler
follow-redirects <=1.14.7
Severity: high
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects - GHSA-pw2r-vq6v-hr8c
Exposure of sensitive information in follow-redirects - GHSA-74fj-2j2h-c42q
No fix available
node_modules/follow-redirects
jsonpointer <5.0.0
Severity: moderate
Prototype Pollution in node-jsonpointer - GHSA-282f-qqgm-c34q
fix available via
npm audit fixnode_modules/jsonpointer
better-ajv-errors <=0.8.1
Depends on vulnerable versions of jsonpointer
node_modules/better-ajv-errors
5 vulnerabilities (2 moderate, 3 high)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.`
Does updating these dependencies with a
npm audit fix --forcebreak functionality of the tool (looks like only jsonpointer has a fix available at this time)?Can you please advise?
The text was updated successfully, but these errors were encountered: