gpt4 book ai didi

javascript - npm install 后我收到错误 : Prototype Pollution in set-value

转载 作者:行者123 更新时间:2023-12-04 13:50:56 24 4
gpt4 key购买 nike

我在 React Native 中有一个应用程序,当我运行 npm install 时,我收到此错误“在 1182 个扫描包中发现 15 个漏洞(5 个中等,10 个高)”。运行 npm audit 后,大部分错误包含以下内容:

High Prototype Pollution in set-value

Package set-value

Patched in >=4.0.1

Dependency of react-native

Path react-native > @react-native-community/cli >@react-native-community/cli-plugin-metro > metro-config >metro-core > jest-haste-map > sane > anymatch > micromatch >braces > snapdragon > base > cache-base > set-value

More info https://github.com/advisories/GHSA-4jqc-8m5r-9rpr


和这个:

Moderate Inefficient Regular Expression Complexity inchalk/ansi-regex

Package ansi-regex

Patched in >=5.0.1

Dependency of react-native

Path react-native > @react-native-community/cli >strip-ansi >ansi-regex

More info https://github.com/advisories/GHSA-93q8-gq69-wqmw


谁能帮我解决这些问题?

最佳答案

对于 Moderate Inefficient Regular Expression Complexity in chalk/ansi-regex请参阅 Qix 对以下主题的评论:https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
tldr:在用户输入到达 API 之前对其进行清理(如果适用)

关于javascript - npm install 后我收到错误 : Prototype Pollution in set-value,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69491480/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com