npm audit show me report “postcss and nth-check will be update to ver 8.4.31 or latest (postcss) and to ver 2.0.1 or latest(nth-check)”
latest versions on 4/18/2024: “8.4.38” and “2.1.1”
i updated this packpage to latest versions (i updated this packpage to “8.4.31” and “2.0.1” versions before)
BUT
npm audit show me report:
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Moderate PostCSS line return parsing error
Package postcss
Patched in >=8.4.31
Dependency of react-scripts
Path react-scripts > resolve-url-loader > postcss
More info https://github.com/advisories/GHSA-7fh5-64p2-3v2j
High Inefficient Regular Expression Complexity in nth-check
Package nth-check
Patched in >=2.0.1
Dependency of react-scripts
Path react-scripts > @svgr/webpack > @svgr/plugin-svgo > svgo >
css-select > nth-check
More info https://github.com/advisories/GHSA-rp65-9cf3-cjxr
found 2 vulnerabilities (1 moderate, 1 high) in 1584 scanned packages
2 vulnerabilities require manual review. See the full report for details.
I reached out to the GP chat. he told me to reach out to the developer community
/////////////////////////////
my IDE: “WebStorm”