DEV Community

Anna Villarreal
Anna Villarreal

Posted on

Vulnerabilities: Cause for Concern

#vscode #npm #javascript #security

So, it's a bit alarming when your terminal is showing you all kinds of vulnerabilities. After running npm audit and npm audit fix, I see a slew of red flags. So, of course, I traversed the web in search of answers. After updating everything multiple times and trying different versions, I only ended up with more red flags.

xmldom critical vulnerabilities

Which vulnerabilities should I be concerned about? After reading several forums and blogs, it seems as though having some vulnerabilities at any point is almost unescapable.

I saw that you can force some things by tweaking the package-lock.json file. I also saw that some things will say "No fix available" Well, thats not very comforting.

vulnerabilities

I'm interested in hearing about how you manage your vulnerabilities - and how do we know if they are a cause for concern? I'd love to hear you're feedback and recommendations. Thank you!

profile
Sentry
 Promoted

Sentry image

Hands-on debugging session: instrument, monitor, and fix

Join Lazar for a hands-on session where you’ll build it, break it, debug it, and fix it. You’ll set up Sentry, track errors, use Session Replay and Tracing, and leverage some good ol’ AI to find and fix issues fast.

RSVP here →

Top comments (0)

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

antkales profile image

Counter - A React library for animating numeric transitions

Anton -

araldhafeeri profile image

How I Replaced 2000 Lines of Code with Just 300 in Redux Store — Without Breaking the App!

Ahmed Rakan -

zahrasandran profile image

TypeScript Generics: A Complete Guide

Zahra Sandra Nasaka -

rmion profile image

Mull It Over

Robert Mion -