hey i get 27 vulnerabilities.... but iam about to build a web app just for a college assignment.... i wanna know will my web application work even with those vulnerabilities? ... coz have just created the app and its starting to show vulnerabilities, every one on utube talks abt fixing this issue in already ongong app... so i decided to ignore and start building... will it work??
Thanks For watching. As per the document we have this npm audit --audit-level=critical But this is not working. As a workaround try this npm audit | grep critical -B3 -A10
@@RethinkingUI thanks it is working. Package: ssri Dependency of: npm Path : npm > ssri My issue is like , need to update the npm ssri ... package.json file , I cant able to see the ssri package...it is available under npm package.json file. Package-lock.json We can't able to edit right, so if I change the npm latest version also it's not working... So how we need to fix it?
Very well explained Sir!! Just a small question, I have 2 high vulnerabilities, and the helping link tells Remediation: Upgrade to version 5.0.1 or later, I don't know how to do it, please help.
We should not use npm audit fix - - force. Try to address those issues manually. If we do force audit fix we may get version compatibility issues. Do npm audit and when we get list of issues, along with the issue we will get link below it how to fix it. Try that
Hi Some of the dependency issues are resolved by lower versions. For example , hammerjs 2.0.8 causing CRITICAL vulnerability issue. But if I changed to lower version 2.0.2 ,then issue resolved. How is it working?
If u get any critical issues. Its better to upgrade the version instead downgrade. Ur issue resolved bcoz critical issue is present in 2.0.8 version not on 2.0.2 version.
@@GaneshKumar-sk2rp if ur getting this issue, when ur running ur application. Then its related to ur application issue. This video about identifying the security issues with npm audit.
The little noise a 4:51 is golden. Thank you for the laugh on a boring work day.
Thanks!
hey i get 27 vulnerabilities.... but iam about to build a web app just for a college assignment.... i wanna know will my web application work even with those vulnerabilities? ... coz have just created the app and its starting to show vulnerabilities, every one on utube talks abt fixing this issue in already ongong app... so i decided to ignore and start building... will it work??
Simple, straight forward and it fixed my issue. Many thanks.
Thank u
hi what if i want to swap every two characters in a string
could you please explain that
Sure will try to do a video on that
@@RethinkingUI Thank you please do it soon ❤
My npm audit doesn't show anything when i command it and 3 moderate vulnerabilitys are ruining my tris to uses shortid
Thanks for sharing. A must-know information.
Thank u
Well explained! Keep up the good work.
Thank u
Great Tutorial! Please add more videos!
Sure
Thanks for nice explainaition. So if I want to get only critical issues mean, which npm command we need to run and get it?
Thanks For watching.
As per the document we have this
npm audit --audit-level=critical
But this is not working.
As a workaround try this npm audit | grep critical -B3 -A10
@@RethinkingUI thanks it is working.
Package: ssri
Dependency of: npm
Path : npm > ssri
My issue is like , need to update the npm ssri ... package.json file , I cant able to see the ssri package...it is available under npm package.json file.
Package-lock.json
We can't able to edit right, so if I change the npm latest version also it's not working...
So how we need to fix it?
Excellent job brother..
Thank u
thanks a lot brother
Thank you. Please share the video
Hello Sir
I am facing some vulnerabilities like "denial of service in hapi"
"Insufficient Entropy in cryptiles" how to resolve those.
Very well explained Sir!! Just a small question, I have 2 high vulnerabilities, and the helping link tells Remediation: Upgrade to version 5.0.1 or later, I don't know how to do it, please help.
Upgrade to 5.0.1 version npm I packagename@5.0.1. And check the same compatibility with ur application
I did npm i react-scripts@latest -S for updating but nothing happened vulnerabilities are still there.
Check which packages and versions ur getting issue
@@RethinkingUI sir could u plz the command for updating to that version?
@@RethinkingUI package is react-scripts > optimize-css-assets-webpack-plugin > cssnano
> cssnano-preset-default > postcss-svgo > svgo > css-select
> css-what
the terminal is asking to use `npm audit fix --force` and even after doing this..the vulnerability remains
please help!
We should not use npm audit fix - - force. Try to address those issues manually. If we do force audit fix we may get version compatibility issues. Do npm audit and when we get list of issues, along with the issue we will get link below it how to fix it. Try that
I have NPM version 7.10.0, but when I run npm audit, it doesn't look the same like it does on your screen. Why?
We need to run npm audit in any of the react, Angular or vuejs applications. In which package.json dependencies available.
Hi
Some of the dependency issues are resolved by lower versions.
For example , hammerjs 2.0.8 causing CRITICAL vulnerability issue. But if I changed to lower version 2.0.2 ,then issue resolved.
How is it working?
If u get any critical issues. Its better to upgrade the version instead downgrade. Ur issue resolved bcoz critical issue is present in 2.0.8 version not on 2.0.2 version.
Even though issue s resolved, is it good way to put lower version?
Bro what is the comment for install react router
npm i react-router
For me it shows http is not defined
But I installed every packages
What to do
When ur getting http is not defined, While u running application or when u run npm audit.
@@RethinkingUI when running my program also it shows
createserver is not defined
@@GaneshKumar-sk2rp if ur getting this issue, when ur running ur application. Then its related to ur application issue. This video about identifying the security issues with npm audit.
Thanks bro