So, it's a bit alarming when your terminal is showing you all kinds of vulnerabilities. After running npm audit and npm audit fix, I see a slew of red flags. So, of course, I traversed the web in search of answers. After updating everything multiple times and trying different versions, I only ended up with more red flags.
Which vulnerabilities should I be concerned about? After reading several forums and blogs, it seems as though having some vulnerabilities at any point is almost unescapable.
I saw that you can force some things by tweaking the package-lock.json file. I also saw that some things will say "No fix available" Well, thats not very comforting.
I'm interested in hearing about how you manage your vulnerabilities - and how do we know if they are a cause for concern? I'd love to hear you're feedback and recommendations. Thank you!
Top comments (0)