npm audit show me report “postcss and nth-check will be update to ver 8.4.31 or latest (postcss) and to ver 2.0.1 or latest(nth-check)”

  Kiến thức lập trình

npm audit show me report “postcss and nth-check will be update to ver 8.4.31 or latest (postcss) and to ver 2.0.1 or latest(nth-check)”

latest versions on 4/18/2024: “8.4.38” and “2.1.1”

i updated this packpage to latest versions (i updated this packpage to “8.4.31” and “2.0.1” versions before)

BUT

npm audit show me report:

  === npm audit security report ===                        
                                                                            
                                                                            
                             Manual Review                                  
         Some vulnerabilities require your attention to resolve             

      Visit https://go.npm.me/audit-guide for additional guidance

Moderate PostCSS line return parsing error

Package postcss

Patched in >=8.4.31

Dependency of react-scripts

Path react-scripts > resolve-url-loader > postcss

More info https://github.com/advisories/GHSA-7fh5-64p2-3v2j

High Inefficient Regular Expression Complexity in nth-check

Package nth-check

Patched in >=2.0.1

Dependency of react-scripts

Path react-scripts > @svgr/webpack > @svgr/plugin-svgo > svgo >
css-select > nth-check

More info https://github.com/advisories/GHSA-rp65-9cf3-cjxr

found 2 vulnerabilities (1 moderate, 1 high) in 1584 scanned packages
2 vulnerabilities require manual review. See the full report for details.

I reached out to the GP chat. he told me to reach out to the developer community

/////////////////////////////

my IDE: “WebStorm”

  • npm
  • webstorm
  • postcss
  • react-scripts

New contributor

Александр Пушкин is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

LEAVE A COMMENT