Read the statement by Michael Teeuw here.
WARN notice [SECURITY] lodash has the following vulnerability....
-
Hi everybody,
just did a fresh and new install of the latest Rasbian installation on my Pi 3B+ and installed MM2 again.
However during installation I got a lot of notifications about vulnerability’s and that I had to run: npm i npm@latest -g.
But is that normal?? I just did a fresh installation on an new sd card and already I have an outdated someting??? -
@mwel1977 Experienced the same. npm is doing audits now. Don’t know since when. However they are not errors, only vulnerabilities.
Do anpm auditand find out more about them.
-
Perhaps worth mentioning
Recently, I wiped a laptop and installed the newest ubuntu (18.04?), the latest stable node and then MM. The MM installation reported way too many vulnerabilities. I didn’t like that at all. I wiped the laptop again but this time I installed ubuntu 16.04 LTS, the latest stable node and MM. Not one vulnerability reported. Odd.
-
@mykle1 So what were the respective versions of node? Maybe the older ubuntu version uses an older node version?
I had the feeling that it was purely note-related but I may be wrong. -
In both cases, I installed node 10.13.0 LTS. ubuntu 16.04 LTS had no complaints and issued no warnings. It’s the
newer/latest LTS version of ubuntu where node issued all those warnings. Go figure.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login