DEV Community

kobecow
kobecow

Posted on • Edited on

How to update NPM Module for vulnerability

#howto #node #npm #vulnerability

Github Shows security alert!?

After tiny push, I saw security alert on Github.

security_alert image

WOW. I've never seen it before. What should I do?

Step one-by-one.

This is what I did after googling.

1. Look at your security alert.

On my case, It said clean-css needed update.

details of security alert

2. Check your module

On project directory, npm audit executed.
The result was

output of npm audit

3. npm audit fix

npm audit fix executed.

a part of result was

+ pug@2.0.4
removed 3 packages and updated 9 packages in 5.479s

4. Check your module again.

On project directory, npm audit executed.
The result was


                       === npm audit security report ===                        

found 0 vulnerabilities

That's it. Pretty easy pattern.
Let's go back developing.

Top comments (0)

Read next

feliciawalker profile image

Using Your Own Node Modules With Playwright

Felicia Walker -

vsnikhilvs profile image

Package Manager Fight: npm vs pnpm vs npx vs yarn vs bun

Nikhil Vikraman -

thinkthroo profile image

How Shadcn CLI uses error constants to improve code readability

thinkThroo -

balrajola profile image

10 NPM Packages for Productivity

Balraj Singh -