You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts with cra-template...
added 1482 packages in 4m
261 packages are looking for funding
run npm fund for details
Initialized a git repository.
Installing template dependencies using npm...
added 63 packages, and changed 1 package in 25s
261 packages are looking for funding
run npm fund for details
Removing template package using npm...
removed 1 package, and audited 1545 packages in 6s
261 packages are looking for funding
run npm fund for details
8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run npm audit for details.
Created git commit.
Success! Created mern-stack at C:\Users\LENOVO\Desktop\programing_Files\node_Files\learing_react\mern-stack
Inside that directory, you can run several commands:
npm start
Starts the development server.
npm run build
Bundles the app into static files for production.
npm test
Starts the test runner.
npm run eject
Removes this tool and copies build dependencies, configuration files
and scripts into the app directory. If you do this, you can’t go back!
261 packages are looking for funding
run npm fund for details
8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run npm audit for details.
PS C:\mern-stack> npm audit
npm audit report
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of resolve-url-loader
node_modules/react-scripts
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - GHSA-7fh5-64p2-3v2j
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
resolve-url-loader 0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
The text was updated successfully, but these errors were encountered:
I have this PR (#13778), which could hopefully fix it without having to use overrides, etc.
I was having exactly the same on my app. Once I updated the react-scripts package to use latest dependencies on the places where those vulnerable package versions were used, I then got 0 vulnerabilities.
PS C:> npx create-react-app mern-stack
Creating a new React app in C:\mern-stack.
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts with cra-template...
added 1482 packages in 4m
261 packages are looking for funding
run
npm fund
for detailsInitialized a git repository.
Installing template dependencies using npm...
added 63 packages, and changed 1 package in 25s
261 packages are looking for funding
run
npm fund
for detailsRemoving template package using npm...
removed 1 package, and audited 1545 packages in 6s
261 packages are looking for funding
run
npm fund
for details8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run
npm audit
for details.Created git commit.
Success! Created mern-stack at C:\Users\LENOVO\Desktop\programing_Files\node_Files\learing_react\mern-stack
Inside that directory, you can run several commands:
npm start
Starts the development server.
npm run build
Bundles the app into static files for production.
npm test
Starts the test runner.
npm run eject
Removes this tool and copies build dependencies, configuration files
and scripts into the app directory. If you do this, you can’t go back!
We suggest that you begin by typing:
cd mern-stack
npm start
Happy hacking!
PS C:\cd .\mern-stack
PS C:\mern-stack> npm fund
[email protected]
├─┬ https://github.com/chalk/chalk?sponsor=1
│ │ └── [email protected]
│ └── https://github.com/chalk/ansi-styles?sponsor=1
│ └── [email protected], [email protected], [email protected]
├── https://github.com/sponsors/jonschlinkert
│ └── [email protected]
├── https://github.com/sponsors/sibiraj-s
│ └── [email protected]
├── https://github.com/sponsors/ljharb
│ └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├── https://opencollective.com/babel
│ └── @babel/[email protected]
├─┬ https://github.com/sponsors/gregberge
│ │ └── @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected], @svgr/[email protected]
│ └── https://opencollective.com/core-js
│ └── [email protected], [email protected], [email protected]
├── https://opencollective.com/browserslist
│ └── [email protected], [email protected], [email protected]
├── https://opencollective.com/webpack
│ └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/eslint
│ │ └── [email protected], @eslint/[email protected], [email protected], [email protected], [email protected]
│ ├── https://github.com/sponsors/nzakas
│ │ └── @humanwhocodes/[email protected]
│ └── https://github.com/sponsors/isaacs
│ └── [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/html-webpack-plugin
│ │ └── [email protected]
│ └── https://github.com/fb55/htmlparser2?sponsor=1
│ └── [email protected]
├── https://opencollective.com/postcss/
│ └── [email protected], [email protected], [email protected], [email protected], [email protected]
├─┬ https://opencollective.com/csstools
│ │ └── [email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], @csstools/[email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
│ └── https://ko-fi.com/mrcgrtz
│ └── [email protected]
├── https://github.com/sponsors/mdevils
│ └── [email protected]
├── https://github.com/chalk/supports-color?sponsor=1
│ └── [email protected]
├── https://github.com/avajs/find-cache-dir?sponsor=1
│ └── [email protected]
├── https://opencollective.com/typescript-eslint
│ └── @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected], @typescript-eslint/[email protected]
├── https://github.com/sindresorhus/emittery?sponsor=1
│ └── [email protected]
├── https://github.com/sindresorhus/execa?sponsor=1
│ └── [email protected]
├─┬ https://github.com/chalk/strip-ansi?sponsor=1
│ │ └── [email protected]
│ └── https://github.com/chalk/ansi-regex?sponsor=1
│ └── [email protected]
├── https://opencollective.com/immer
│ └── [email protected]
└── https://paulmillr.com/funding/
└── [email protected]
PS C:\mern-stack> npm install react-scripts@latest
up to date, audited 1545 packages in 4s
261 packages are looking for funding
run
npm fund
for details8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run
npm audit
for details.PS C:\mern-stack> npm audit
npm audit report
nth-check <2.0.1
Severity: high
Inefficient Regular Expression Complexity in nth-check - GHSA-rp65-9cf3-cjxr
fix available via
npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/svgo/node_modules/nth-check
css-select <=3.1.0
Depends on vulnerable versions of nth-check
node_modules/svgo/node_modules/css-select
svgo 1.0.0 - 1.3.2
Depends on vulnerable versions of css-select
node_modules/svgo
@svgr/plugin-svgo <=5.5.0
Depends on vulnerable versions of svgo
node_modules/@svgr/plugin-svgo
@svgr/webpack 4.0.0 - 5.5.0
Depends on vulnerable versions of @svgr/plugin-svgo
node_modules/@svgr/webpack
react-scripts >=2.1.4
Depends on vulnerable versions of @svgr/webpack
Depends on vulnerable versions of resolve-url-loader
node_modules/react-scripts
postcss <8.4.31
Severity: moderate
PostCSS line return parsing error - GHSA-7fh5-64p2-3v2j
fix available via
npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/resolve-url-loader/node_modules/postcss
resolve-url-loader 0.0.1-experiment-postcss || 3.0.0-alpha.1 - 4.0.0
Depends on vulnerable versions of postcss
node_modules/resolve-url-loader
8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
The text was updated successfully, but these errors were encountered: