You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
2 Vulnerabilities found after npm install vuepress
+ vuepress@0.9.0
added 1184 packages from 655 contributors in 54.018s
[!] 2 vulnerabilities found [11060 packages audited]
Severity: 2 High
Run `npm audit` for more detail
Version
v0.9.0
Steps to reproduce
$ npm audit
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ string │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ No patch available │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ vuepress [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ vuepress > markdown-it-anchor > string │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://nodesecurity.io/advisories/536 │
└───────────────┴──────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Regular Expression Denial of Service │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ string │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ No patch available │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ vuepress [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ vuepress > markdown-it-table-of-contents > string │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://nodesecurity.io/advisories/536 │
└───────────────┴──────────────────────────────────────────────────────────────┘
[!] 2 vulnerabilities found - Packages audited: 11060 (11060 dev, 199 optional)
Severity: 2 High
What is expected?
No error message after npm install vuepress
What is actually happening?
Vulnerabilities found in dependencies
Other relevant information
Your OS: MacOS 10.13.4
Node.js version: v8.11.1
Browser version: n/a
Is this a global or local install? local
Which package manager did you use for the install? npm (v6.0.1)
The text was updated successfully, but these errors were encountered:
Bug report
2 Vulnerabilities found after
npm install vuepress
Version
v0.9.0
Steps to reproduce
What is expected?
No error message after
npm install vuepress
What is actually happening?
Vulnerabilities found in dependencies
Other relevant information
The text was updated successfully, but these errors were encountered: