You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Expected behavior npm install requires no audit fixes to install JavaScript dependencies without warning.
Screenshots
Additional context
In this case the vulnerabilities I saw were actually just one vulnerability that was filed recently and has already been patched. It's no trouble to run npm audit fix, but I think that slows readers down. Worrying about whether they need to take care of vulnerabilities might detract from the goal of learning about WebAssembly and Rust.
For what it's worth, I'm using
nvm - v0.33.11
Node.js - v10.9.0
npm - v6.4.0
Git - v2.17.1
I believe this can be easily resolved by running the audit fixes and the committing the updated package-lock.json, but I've no idea what effect that will have on the branching structure for the repo.
The text was updated successfully, but these errors were encountered:
Hey @reillysiemens thanks for filing this! We recently restructured this repo to contain only the final code. Does this exist for the current version of the repo?
Describe the bug
Running the initial
npm install
on thechapter-zero
branch results in a warning about high severity vulnerabilities.To Reproduce
Steps to reproduce the behavior:
git clone https://github.com/rustwasm/wasm_game_of_life.git
cd wasm_game_of_life
git checkout -b chapter-zero origin/chapter-zero
npm install
Expected behavior
npm install
requires no audit fixes to install JavaScript dependencies without warning.Screenshots
Additional context
In this case the vulnerabilities I saw were actually just one vulnerability that was filed recently and has already been patched. It's no trouble to run
npm audit fix
, but I think that slows readers down. Worrying about whether they need to take care of vulnerabilities might detract from the goal of learning about WebAssembly and Rust.For what it's worth, I'm using
I believe this can be easily resolved by running the audit fixes and the committing the updated
package-lock.json
, but I've no idea what effect that will have on the branching structure for the repo.The text was updated successfully, but these errors were encountered: