npm audit | FWCloud Forum

npm audit

ukro

Member
Greetings,
How to fix this please.
Everything else working OK.
Code:
npm audit fix
npm ERR! code EAUDITNOPJSON
npm ERR! audit No package.json found: Cannot audit a project without a package.json

npm ERR! A complete log of this run can be found in:
npm ERR!     /root/.npm/_logs/2021-05-19T11_31_54_830Z-debug.log

Code:
added 924 packages from 643 contributors and audited 928 packages in 13.783s

58 packages are looking for funding
  run `npm fund` for details

found 3745 vulnerabilities (67 moderate, 3678 high)
  run `npm audit fix` to fix them, or `npm audit` for details

api
added 884 packages from 1338 contributors and audited 965 packages in 11.176s

14 packages are looking for funding
  run `npm fund` for details

found 10 vulnerabilities (4 low, 1 moderate, 5 high)
  run `npm audit fix` to fix them, or `npm audit` for details

updater

> @nestjs/core@7.5.4 postinstall /opt/fwcloud/updater/node_modules/@nestjs/core
> opencollective || exit 0

added 1097 packages from 650 contributors and audited 1103 packages in 12.439s

57 packages are looking for funding
  run `npm fund` for details

found 3745 vulnerabilities (67 moderate, 3678 high)
  run `npm audit fix` to fix them, or `npm audit` for details
DONE
 

Carles Munyoz

Administrator
Staff member
Hello,
What Linux distribution and node version are you using ?

Best regards.
 
Last edited:

ukro

Member
Code:
 node -v
v14.17.0
Code:
 cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
 

Carles Munyoz

Administrator
Staff member
Hi,
We have solved it, please, may you launch again the FWCloud-Installer script?
You will still see a few npm packages with vulnerabilities in FWCloud-API, but it will be solved in the next release that we will publish in a few weeks.

The problems was in an npm package called lodash that is being used in thousand of other packages, for this reason a vulnerability in such npm package makes all the thousand depending packages vulnerable too.

Greetings.
 
Last edited:

ukro

Member
Roger that, will be waiting :)
Thank you!
P.S. this installtion is in local lan, so i wait for the new version. so i will not launch the installer again.
Don't want to delete the data that i have
 
Top