Get 2024 Templates Mega Bundle!$1000 worth of 19 Bootstrap HTML, Vue & React Templates + 3 Vector Sets for just $99
Get for 99$

React using npm install it showing vulnerabilities (1 low, 14 moderate, 19 high, 4 critical)


I want to fix all of the high and critical can you provide the solution for this. The message as below after I run npm install

added 1993 packages, and audited 1994 packages in 2m

172 packages are looking for funding
run `npm fund` for details

38 vulnerabilities (1 low, 14 moderate, 19 high, 4 critical)

To address issues that do not require attention, run:
npm audit fix

To address all issues (including breaking changes), run:
npm audit fix --force

Run `npm audit` for details.


Text formatting options
Submit
Here's a how to add some HTML formatting to your comment:
  • <pre></pre> for JS codes block
  • <pre lang="html"></pre> for HTML code block
  • <pre lang="scss"></pre> for SCSS code block
  • <pre lang="php"></pre> for PHP code block
  • <code></code> for single line of code
  • <strong></strong> to make things bold
  • <em></em> to emphasize
  • <ul><li></li></ul>  to make list
  • <ol><li></li></ol>  to make ordered list
  • <h3></h3> to make headings
  • <a></a> for links
  • <img> to paste in an image
  • <blockquote></blockquote> to quote somebody
  • happy  :)
  • shocked  :|
  • sad  :(

Replies (3)


Hey, Kimmeng, I've been down that npm vulnerability rabbit hole before, and it can be a bit overwhelming, right? Don't worry, you're not alone in this.

First things first, running 'npm audit' is a good call to get more details on those vulnerabilities. Once you've done that, you can try 'npm audit fix' to address the issues that don't require much attention. However, be cautious with 'npm audit fix --force' as it might bring in breaking changes.

If the problem persists, you might want to consider updating the packages manually. Sometimes, the vulnerabilities are fixed in newer versions. Check your 'package.json' for the versions of the packages causing issues and update them one by one.

By the way, I recently came across Andersen, and they have some helpful resources on handling npm vulnerabilities. You might want to check them out for additional insights.

Remember to test your application thoroughly after each update to ensure everything still works as expected. It's a bit time-consuming, but it's worth it for the security of your project.



Hi,

For now, it's impossible to have 0 vulnerabilities packages, cause 3d party libraries should first do their updates. Wait for our updates, I hope in 1 or 2 months packages will migrate to React 18 and all warnings are gone.

Regards,
Keenthemes support



Thank for update happy


Text formatting options
Submit
Here's a how to add some HTML formatting to your comment:
  • <pre></pre> for JS codes block
  • <pre lang="html"></pre> for HTML code block
  • <pre lang="scss"></pre> for SCSS code block
  • <pre lang="php"></pre> for PHP code block
  • <code></code> for single line of code
  • <strong></strong> to make things bold
  • <em></em> to emphasize
  • <ul><li></li></ul>  to make list
  • <ol><li></li></ol>  to make ordered list
  • <h3></h3> to make headings
  • <a></a> for links
  • <img> to paste in an image
  • <blockquote></blockquote> to quote somebody
  • happy  :)
  • shocked  :|
  • sad  :(
Text formatting options
Submit
Here's a how to add some HTML formatting to your comment:
  • <pre></pre> for JS codes block
  • <pre lang="html"></pre> for HTML code block
  • <pre lang="scss"></pre> for SCSS code block
  • <pre lang="php"></pre> for PHP code block
  • <code></code> for single line of code
  • <strong></strong> to make things bold
  • <em></em> to emphasize
  • <ul><li></li></ul>  to make list
  • <ol><li></li></ol>  to make ordered list
  • <h3></h3> to make headings
  • <a></a> for links
  • <img> to paste in an image
  • <blockquote></blockquote> to quote somebody
  • happy  :)
  • shocked  :|
  • sad  :(