Express JS install giving many venerabilities, incl 'critical'
I'm following a tutorial which is about to get into how to use Express JS for setting up a server, and I went to install Express and got back all kinds of venerabilities, including critical.
I don't have anything else installed except for 'nodemon' for auto-restarting the server upon save.
Does any one know why I'm getting all of these venerabilities?/If/How to address them?
4 Replies
You can run
npm audit to see a more detailed list. But the npm system to label vulnerabilities is broken and does not necessarily reflect the reality so it's best to ignore those warnings. Not because they are automatically false, but it's just not reliable indicator of how many or how severe the vulnerabilities really are.npm audit: Broken by Design
Found 99 vulnerabilities (84 moderately irrelevant, 15 highly irrelevant)
This is from a couple of years ago so things may have changed since.
alright, well looking at them I don't see anything I've done in my own code, so I guess I'lll just ignore it then