离子启动项目时远程代码执行错误
Remote Code Execution ERROR when ionic start project
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Remote Code Execution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.1.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @ionic/angular-toolkit [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @ionic/angular-toolkit > copy-webpack-plugin > │
│ │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1548 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 2 vulnerabilities (1 low, 1 high) in 1493 scanned packages
1 vulnerability requires semver-major dependency updates.
1 vulnerability requires manual review. See the full report for details.
当我开始使用 ionic start 的新项目时,出现此错误。
我该如何解决?谢谢大家。
我的离子信息在这里
Ionic CLI : 6.11.0 (/usr/local/lib/node_modules/@ionic/cli)
Ionic Framework : @ionic/angular 5.3.1
@angular-devkit/build-angular : 0.901.12
@angular-devkit/schematics : 9.1.12
@angular/cli : 9.1.12
@ionic/angular-toolkit : 2.3.0
来自https://docs.npmjs.com/auditing-package-dependencies-for-security-vulnerabilities
To find the package that must be updated, check the “Path” field for
the location of the package with the vulnerability, then check for the
package that depends on it. For example, if the path to the
vulnerability is @package-name > dependent-package >
package-with-vulnerability, you will need to update dependent-package.
npm i @ionic/angular-toolkit
Angular 工具包的 2.3.1 已发布!
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Remote Code Execution │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=3.1.0 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ @ionic/angular-toolkit [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ @ionic/angular-toolkit > copy-webpack-plugin > │
│ │ serialize-javascript │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/1548 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 2 vulnerabilities (1 low, 1 high) in 1493 scanned packages
1 vulnerability requires semver-major dependency updates.
1 vulnerability requires manual review. See the full report for details.
当我开始使用 ionic start 的新项目时,出现此错误。
我该如何解决?谢谢大家。
我的离子信息在这里
Ionic CLI : 6.11.0 (/usr/local/lib/node_modules/@ionic/cli)
Ionic Framework : @ionic/angular 5.3.1
@angular-devkit/build-angular : 0.901.12
@angular-devkit/schematics : 9.1.12
@angular/cli : 9.1.12
@ionic/angular-toolkit : 2.3.0
来自https://docs.npmjs.com/auditing-package-dependencies-for-security-vulnerabilities
To find the package that must be updated, check the “Path” field for the location of the package with the vulnerability, then check for the package that depends on it. For example, if the path to the vulnerability is @package-name > dependent-package > package-with-vulnerability, you will need to update dependent-package.
npm i @ionic/angular-toolkit
Angular 工具包的 2.3.1 已发布!