npm audit 检查出的高危漏洞 #146
Description
版本 2.5.13
当我用npm audit,检查出大量高危漏洞
下面是部分检查报告内容
High Inefficient Regular Expression Complexity in
chalk/ansi-regex
Package ansi-regex
Dependency of @umijs/fabric [dev]
Path @umijs/fabric > stylelint-config-rational-order > stylelint
> table > string-width > strip-ansi > ansi-regex
More info https://github.com/advisories/GHSA-93q8-gq69-wqmw
# Run npm update minimatch --depth 8 to resolve 6 vulnerabilities
High minimatch ReDoS vulnerability
Package minimatch
Dependency of @umijs/fabric [dev]
Path @umijs/fabric > eslint > minimatch
More info https://github.com/advisories/GHSA-f8q6-p94x-37v3