我跑的npm install时候说found 33 vulnerabilities (2 low, 31 moderate)
run `npm audit fix` to fix them, or `npm audit` for details.
但是,npm audit fix产出up to date in 11s
fixed 0 of 33 vulnerabilities in 24653 scanned packages
33 vulnerabilities required manual review and could not be updated
这是否review意味着它不应由用户修复?
当我运行npm audit它时,给我一个表的列表,类似于Update to version 4.17.5 or later.
在此示例中,链接页面的修复部分说/node_modules/browser-sync/package.json.但是,/node_modules/lodash/lodash.json有以下几行:
????????????????????????????????????????????????????????????????????????????????
? Low ? Prototype Pollution ?
????????????????????????????????????????????????????????????????????????????????
? …