I am getting 6 vulnerabilities after running npm audit report
:
I tried a solution and overridden the vulnerable versions of a particular package with their latest versions in package.json file like this:
"overrides": {
"nth-check": "2.1.1",
"@svgr/webpack": "6.5.1",
"@svgr/plugin-svgo": "6.5.1",
"svgo": "3.0.1",
"css-select": "5.1.0"
}
Then I updated the npm packages with npm update. But it did not change the result.
Tried another solution by making a resolution object in package.json and specified specific versions of a particular package, and ran it using npx i npm-force-resolutions but it gives this error:
npm ERR! could not determine executable to run.
But I am still unable to fix the npm vulnerabilities. Please help!
You should delete both
node_modules
andpackage-lock.json
before launchingnpm install
again; this will require more time to install all dependencies, but this will override all the version that are currently installed (it will bring also minor updates in dependencies).Also, for this vulnerability, you only need to override
nth-check
. You can see the changes by executingnpm list nth-check
with and without the override (remember to delete bothnode_modules
andpackage-lock.json
).