Installing the package dependencies reports 3 vulnerabilities.
npm install
up to date, audited 336 packages in 873ms
98 packages are looking for funding
run `npm fund` for details
3 vulnerabilities (1 moderate, 2 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
Audit Report
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix --force`
Will install mocha@10.3.0, which is a breaking change
node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
Depends on vulnerable versions of nanoid
node_modules/mocha
nanoid 3.0.0 - 3.1.30
Severity: moderate
Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2
fix available via `npm audit fix --force`
Will install mocha@10.3.0, which is a breaking change
node_modules/nanoid
3 vulnerabilities (1 moderate, 2 high)
Installing the package dependencies reports 3 vulnerabilities.
Audit Report