However, I received the following vulnerability warning in npm audit and docker scanning.
Could you please have a look and let me know how to resolve the issue? Thanks.
NPM Audit Report
# npm audit report
braces <3.0.3
Severity: high
Uncontrolled resource consumption in braces - https://github.com/advisories/GHSA-grv7-fg5c-xmjg
fix available via `npm audit fix --force`
Will install gulp@5.0.0, which is a breaking change
node_modules/braces
chokidar 1.3.0 - 2.1.8
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of braces
Depends on vulnerable versions of readdirp
node_modules/chokidar
glob-watcher 5.0.0 - 5.0.5
Depends on vulnerable versions of anymatch
Depends on vulnerable versions of chokidar
node_modules/glob-watcher
gulp 4.0.0 - 4.0.2
Depends on vulnerable versions of glob-watcher
Depends on vulnerable versions of gulp-cli
node_modules/gulp
micromatch 0.2.0 - 3.1.10
Depends on vulnerable versions of braces
node_modules/micromatch
anymatch 1.2.0 - 2.0.0
Depends on vulnerable versions of micromatch
node_modules/anymatch
findup-sync 0.4.0 - 3.0.0
Depends on vulnerable versions of micromatch
node_modules/findup-sync
node_modules/matchdep/node_modules/findup-sync
liftoff 2.2.3 - 3.1.0
Depends on vulnerable versions of findup-sync
node_modules/liftoff
gulp-cli 1.3.0 - 2.3.0
Depends on vulnerable versions of liftoff
Depends on vulnerable versions of matchdep
node_modules/gulp-cli
matchdep >=1.0.1
Depends on vulnerable versions of findup-sync
Depends on vulnerable versions of micromatch
node_modules/matchdep
readdirp 2.2.0 - 2.2.1
Depends on vulnerable versions of micromatch
node_modules/readdirp
11 high severity vulnerabilities
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
NPM Why
braces@2.3.2 dev
node_modules/braces
braces@"^2.3.2" from chokidar@2.1.8
node_modules/chokidar
chokidar@"^2.0.0" from glob-watcher@5.0.5
node_modules/glob-watcher
glob-watcher@"^5.0.3" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
braces@"^2.3.1" from micromatch@3.1.10
node_modules/micromatch
micromatch@"^3.1.4" from anymatch@2.0.0
node_modules/anymatch
anymatch@"^2.0.0" from chokidar@2.1.8
node_modules/chokidar
chokidar@"^2.0.0" from glob-watcher@5.0.5
node_modules/glob-watcher
glob-watcher@"^5.0.3" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
anymatch@"^2.0.0" from glob-watcher@5.0.5
node_modules/glob-watcher
glob-watcher@"^5.0.3" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
micromatch@"^3.0.4" from findup-sync@3.0.0
node_modules/findup-sync
findup-sync@"^3.0.0" from liftoff@3.1.0
node_modules/liftoff
liftoff@"^3.1.0" from gulp-cli@2.3.0
node_modules/gulp-cli
gulp-cli@"^2.2.0" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
micromatch@"^3.0.4" from matchdep@2.0.0
node_modules/matchdep
matchdep@"^2.0.0" from gulp-cli@2.3.0
node_modules/gulp-cli
gulp-cli@"^2.2.0" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
micromatch@"^3.0.4" from findup-sync@2.0.0
node_modules/matchdep/node_modules/findup-sync
findup-sync@"^2.0.0" from matchdep@2.0.0
node_modules/matchdep
matchdep@"^2.0.0" from gulp-cli@2.3.0
node_modules/gulp-cli
gulp-cli@"^2.2.0" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
micromatch@"^3.1.10" from readdirp@2.2.1
node_modules/readdirp
readdirp@"^2.2.1" from chokidar@2.1.8
node_modules/chokidar
chokidar@"^2.0.0" from glob-watcher@5.0.5
node_modules/glob-watcher
glob-watcher@"^5.0.3" from gulp@4.0.2
node_modules/gulp
dev gulp@"^4.0.2" from fos-router@2.5.0
vendor/friendsofsymfony/jsrouting-bundle/Resources
fos-router@2.5.0
node_modules/fos-router
dev fos-router@"file:vendor/friendsofsymfony/jsrouting-bundle/Resources" from the root project
Description
I followed the official docs below to install the FOSJsRoutingBundle with Symfony Webpack Encore.
https://github.com/FriendsOfSymfony/FOSJsRoutingBundle/blob/master/Resources/doc/installation.rst#step-5-if-you-are-using-webpack-install-the-npm-package-locally