nvispute

After Audit fix

Apr 27th, 2021
11
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. PS F:\Jumbotronic\take-1> npm audit
  2. # npm audit report
  3.  
  4. lodash <4.17.19
  5. Prototype Pollution - https://npmjs.com/advisories/1523
  6. No fix available
  7. node_modules/cypress/node_modules/lodash
  8. cypress 0.1.0 - 4.10.0
  9. Depends on vulnerable versions of extract-zip
  10. Depends on vulnerable versions of lodash
  11. Depends on vulnerable versions of minimist
  12. node_modules/cypress
  13. @vue/cli-plugin-e2e-cypress <=4.5.12
  14. Depends on vulnerable versions of cypress
  15. node_modules/@vue/cli-plugin-e2e-cypress
  16.  
  17. minimist <0.2.1 || >=1.0.0 <1.2.3
  18. Prototype Pollution - https://npmjs.com/advisories/1179
  19. No fix available
  20. node_modules/cypress/node_modules/minimist
  21. node_modules/extract-zip/node_modules/minimist
  22. cypress 0.1.0 - 4.10.0
  23. Depends on vulnerable versions of extract-zip
  24. Depends on vulnerable versions of lodash
  25. Depends on vulnerable versions of minimist
  26. node_modules/cypress
  27. @vue/cli-plugin-e2e-cypress <=4.5.12
  28. Depends on vulnerable versions of cypress
  29. mkdirp 0.4.1 - 0.5.1
  30. Depends on vulnerable versions of minimist
  31. node_modules/extract-zip/node_modules/mkdirp
  32. extract-zip <=1.6.7
  33. Depends on vulnerable versions of mkdirp
  34. node_modules/extract-zip
  35.  
  36. ssri 5.2.2 - 6.0.1 || 7.0.0 - 8.0.0
  37. Severity: moderate
  38. Regular Expression Denial of Service - https://npmjs.com/advisories/565
  39. fix available via `npm audit fix --force`
  40. Will install @vue/cli-service@4.1.1, which is a breaking change
  41. node_modules/ssri
  42. @vue/cli-service 4.0.0-alpha.0 - 4.5.12
  43. Depends on vulnerable versions of ssri
  44. Depends on vulnerable versions of terser-webpack-plugin
  45. node_modules/@vue/cli-service
  46. cacache 10.0.4 - 11.0.0 || 13.0.0 - 14.0.0
  47. Depends on vulnerable versions of ssri
  48. node_modules/terser-webpack-plugin/node_modules/cacache
  49. terser-webpack-plugin 2.1.1 - 2.3.8
  50. Depends on vulnerable versions of cacache
  51. node_modules/terser-webpack-plugin
  52.  
  53. yargs-parser <=13.1.1 || 14.0.0 - 15.0.0 || 16.0.0 - 18.1.1
  54. Prototype Pollution - https://npmjs.com/advisories/1500
  55. fix available via `npm audit fix --force`
  56. Will install @vue/cli-plugin-unit-jest@3.12.1, which is a breaking change
  57. node_modules/yargs-parser
  58. ts-jest 23.10.0-beta.1 - 25.2.1
  59. Depends on vulnerable versions of yargs-parser
  60. node_modules/ts-jest
  61. @vue/cli-plugin-unit-jest 4.0.0-alpha.0 - 4.5.12
  62. Depends on vulnerable versions of ts-jest
  63. node_modules/@vue/cli-plugin-unit-jest
  64.  
  65. 13 vulnerabilities (9 low, 4 moderate)
  66.  
  67. To address all issues possible (including breaking changes), run:
  68. npm audit fix --force
  69.  
  70. Some issues need review, and may require choosing
  71. a different dependency.
  72. PS F:\Jumbotronic\take-1> npm audit fix --force
  73. npm WARN using --force Recommended protections disabled.
  74. npm WARN audit Updating @vue/cli-service to 4.1.1,which is a SemVer major change.
  75. npm WARN audit No fix available for @vue/cli-plugin-e2e-cypress@<=4.5.12
  76. npm WARN audit Updating @vue/cli-plugin-unit-jest to 3.12.1,which is a SemVer major change.
  77. npm WARN deprecated kleur@2.0.2: Please upgrade to kleur@3 or migrate to 'ansi-colors' if you prefer the old syntax. Visit <https://github.com/lukeed/kleur/releases/tag/v3.0.0\> for migration path(s).
  78. npm WARN deprecated core-js@2.6.12: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
  79.  
  80. added 190 packages, removed 90 packages, changed 27 packages, and audited 2267 packages in 21s
  81.  
  82. 79 packages are looking for funding
  83. run `npm fund` for details
  84.  
  85. # npm audit report
  86.  
  87. braces <2.3.1
  88. Regular Expression Denial of Service - https://npmjs.com/advisories/786
  89. fix available via `npm audit fix --force`
  90. Will install @vue/cli-plugin-unit-jest@4.5.12, which is a breaking change
  91. node_modules/@vue/cli-plugin-unit-jest/node_modules/braces
  92. micromatch 0.2.0 - 2.3.11
  93. Depends on vulnerable versions of braces
  94. node_modules/@vue/cli-plugin-unit-jest/node_modules/micromatch
  95. jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
  96. Depends on vulnerable versions of jest-config
  97. Depends on vulnerable versions of jest-message-util
  98. Depends on vulnerable versions of jest-runtime
  99. Depends on vulnerable versions of jest-snapshot
  100. Depends on vulnerable versions of micromatch
  101. Depends on vulnerable versions of yargs
  102. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-cli
  103. jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
  104. Depends on vulnerable versions of jest-cli
  105. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest
  106. @vue/cli-plugin-unit-jest <=3.12.1
  107. Depends on vulnerable versions of jest
  108. node_modules/@vue/cli-plugin-unit-jest
  109. jest-config 18.5.0-alpha.7da3df39 - 24.0.0-alpha.16
  110. Depends on vulnerable versions of babel-jest
  111. Depends on vulnerable versions of jest-jasmine2
  112. Depends on vulnerable versions of jest-util
  113. Depends on vulnerable versions of micromatch
  114. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-config
  115. jest-runner 21.0.0-alpha.1 - 22.4.4 || 23.4.0 - 23.6.0
  116. Depends on vulnerable versions of jest-config
  117. Depends on vulnerable versions of jest-message-util
  118. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-runner
  119. jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
  120. Depends on vulnerable versions of babel-plugin-istanbul
  121. Depends on vulnerable versions of jest-config
  122. Depends on vulnerable versions of jest-haste-map
  123. Depends on vulnerable versions of jest-message-util
  124. Depends on vulnerable versions of jest-util
  125. Depends on vulnerable versions of micromatch
  126. Depends on vulnerable versions of yargs
  127. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-runtime
  128. jest-haste-map 18.1.0 - 23.1.0 || 23.4.0 - 24.0.0-alpha.16
  129. Depends on vulnerable versions of micromatch
  130. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-haste-map
  131. jest-message-util 18.5.0-alpha.7da3df39 - 23.1.0 || 23.4.0 - 24.0.0-alpha.16
  132. Depends on vulnerable versions of micromatch
  133. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-message-util
  134. expect 21.0.0-beta.1 - 22.4.3 || 23.4.0 - 23.6.0
  135. Depends on vulnerable versions of jest-message-util
  136. node_modules/@vue/cli-plugin-unit-jest/node_modules/expect
  137. jest-jasmine2 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
  138. Depends on vulnerable versions of expect
  139. Depends on vulnerable versions of jest-message-util
  140. Depends on vulnerable versions of jest-snapshot
  141. Depends on vulnerable versions of jest-util
  142. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-jasmine2
  143. jest-snapshot 23.4.0 - 23.6.0
  144. Depends on vulnerable versions of jest-message-util
  145. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-snapshot
  146. jest-resolve-dependencies 23.4.0 - 23.6.0
  147. Depends on vulnerable versions of jest-snapshot
  148. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-resolve-dependencies
  149. jest-util 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
  150. Depends on vulnerable versions of jest-message-util
  151. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-util
  152. jest-environment-jsdom 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
  153. Depends on vulnerable versions of jest-util
  154. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-environment-jsdom
  155. jest-environment-node 18.5.0-alpha.7da3df39 - 22.4.3 || 23.4.0
  156. Depends on vulnerable versions of jest-util
  157. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-environment-node
  158. test-exclude <=4.2.3
  159. Depends on vulnerable versions of micromatch
  160. node_modules/@vue/cli-plugin-unit-jest/node_modules/test-exclude
  161. babel-plugin-istanbul <=5.0.0
  162. Depends on vulnerable versions of test-exclude
  163. node_modules/@vue/cli-plugin-unit-jest/node_modules/babel-plugin-istanbul
  164. babel-jest 14.2.0-alpha.ca8bfb6e - 24.0.0-alpha.16
  165. Depends on vulnerable versions of babel-plugin-istanbul
  166. node_modules/@vue/cli-plugin-unit-jest/node_modules/babel-jest
  167.  
  168. lodash <4.17.19
  169. Prototype Pollution - https://npmjs.com/advisories/1523
  170. No fix available
  171. node_modules/cypress/node_modules/lodash
  172. cypress 0.1.0 - 4.10.0
  173. Depends on vulnerable versions of extract-zip
  174. Depends on vulnerable versions of lodash
  175. Depends on vulnerable versions of minimist
  176. node_modules/cypress
  177. @vue/cli-plugin-e2e-cypress <=4.5.12
  178. Depends on vulnerable versions of cypress
  179. node_modules/@vue/cli-plugin-e2e-cypress
  180.  
  181. minimist <0.2.1 || >=1.0.0 <1.2.3
  182. Prototype Pollution - https://npmjs.com/advisories/1179
  183. No fix available
  184. node_modules/cypress/node_modules/minimist
  185. node_modules/extract-zip/node_modules/minimist
  186. cypress 0.1.0 - 4.10.0
  187. Depends on vulnerable versions of extract-zip
  188. Depends on vulnerable versions of lodash
  189. Depends on vulnerable versions of minimist
  190. node_modules/cypress
  191. @vue/cli-plugin-e2e-cypress <=4.5.12
  192. Depends on vulnerable versions of cypress
  193. node_modules/@vue/cli-plugin-e2e-cypress
  194. mkdirp 0.4.1 - 0.5.1
  195. Depends on vulnerable versions of minimist
  196. node_modules/extract-zip/node_modules/mkdirp
  197. extract-zip <=1.6.7
  198. Depends on vulnerable versions of mkdirp
  199. node_modules/extract-zip
  200.  
  201. ssri 5.2.2 - 6.0.1 || 7.0.0 - 8.0.0
  202. Severity: moderate
  203. Regular Expression Denial of Service - https://npmjs.com/advisories/565
  204. fix available via `npm audit fix --force`
  205. Will install @vue/cli-service@3.12.1, which is a breaking change
  206. node_modules/ssri
  207. cacache 10.0.4 - 11.0.0 || 13.0.0 - 14.0.0
  208. Depends on vulnerable versions of ssri
  209. node_modules/terser-webpack-plugin/node_modules/cacache
  210. terser-webpack-plugin 2.1.1 - 2.3.8
  211. Depends on vulnerable versions of cacache
  212. node_modules/terser-webpack-plugin
  213. @vue/cli-service 4.0.0-alpha.0 - 4.5.12
  214. Depends on vulnerable versions of terser-webpack-plugin
  215. node_modules/@vue/cli-service
  216.  
  217. yargs-parser <=13.1.1 || 14.0.0 - 15.0.0 || 16.0.0 - 18.1.1
  218. Prototype Pollution - https://npmjs.com/advisories/1500
  219. Will install @vue/cli-plugin-unit-jest@4.5.12, which is a breaking change
  220. node_modules/@vue/cli-plugin-unit-jest/node_modules/yargs-parser
  221. node_modules/yargs-parser
  222. ts-jest 23.10.0-beta.1 - 25.2.1
  223. Depends on vulnerable versions of yargs-parser
  224. node_modules/ts-jest
  225. yargs 4.0.0-alpha1 - 12.0.5 || 14.1.0 || 15.0.0 - 15.2.0
  226. Depends on vulnerable versions of yargs-parser
  227. node_modules/@vue/cli-plugin-unit-jest/node_modules/yargs
  228. jest-cli 12.1.1-alpha.2935e14d || 12.1.2-alpha.6230044c - 24.8.0
  229. Depends on vulnerable versions of jest-config
  230. Depends on vulnerable versions of jest-message-util
  231. Depends on vulnerable versions of jest-runtime
  232. Depends on vulnerable versions of jest-snapshot
  233. Depends on vulnerable versions of micromatch
  234. Depends on vulnerable versions of yargs
  235. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-cli
  236. jest 18.5.0-alpha.7da3df39 - 22.4.4 || 23.4.0 - 23.6.0
  237. Depends on vulnerable versions of jest-cli
  238. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest
  239. @vue/cli-plugin-unit-jest <=3.12.1
  240. Depends on vulnerable versions of jest
  241. node_modules/@vue/cli-plugin-unit-jest
  242. jest-runtime 12.1.1-alpha.2935e14d - 24.8.0
  243. Depends on vulnerable versions of babel-plugin-istanbul
  244. Depends on vulnerable versions of jest-config
  245. Depends on vulnerable versions of jest-haste-map
  246. Depends on vulnerable versions of jest-message-util
  247. Depends on vulnerable versions of jest-util
  248. Depends on vulnerable versions of micromatch
  249. Depends on vulnerable versions of yargs
  250. node_modules/@vue/cli-plugin-unit-jest/node_modules/jest-runtime
  251.  
  252. 33 vulnerabilities (29 low, 4 moderate)
  253.  
  254. To address issues that do not require attention, run:
  255. npm audit fix
  256.  
  257. To address all issues possible (including breaking changes), run:
  258. npm audit fix --force
  259.  
  260. Some issues need review, and may require choosing
  261. a different dependency.
  262. PS F:\Jumbotronic\take-1> ionic serve
  263. > vue-cli-service.cmd serve
  264. [vue-cli-service] INFO Starting development server...
  265. [vue-cli-service] Syntax Error: TypeError: Cannot read property 'parseComponent' of undefined
  266. [vue-cli-service] You may use special comments to disable some warnings.
RAW Paste Data