'vulnerability warning in npm packages when creating Expo project
When i install some npm packages into my projects, for most, i get a warning or a vulnerability error.
npm WARN deprecated [email protected]: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated [email protected]: This package has been deprecated and now it only exports makeExecutableSchema.\nAnd it will no longer receive updates.\nWe recommend you to migrate to scoped packages such as @graphql-tools/schema, @graphql-tools/utils and etc.\nCheck out https://www.graphql-tools.com to learn what package you should use instead
27 vulnerabilities (16 moderate, 9 high, 2 critical)
the above was displayed when i created an expo project. my questions are:
- What can i do to fix the vulnerabilities?
- Most warnings are enter code herefrom deprecated packages. What can be done about them?
- For projects where security is important, What i'm i supposed to do?
Solution 1:[1]
You can update the dependencys, normaly is that, you have a npm update in global outside your proyect but maybe inside your new proyect not yet so use: npm install -g npm-check
Here you have a link who explain all of that, but is in spanish: https://lenguajejs.com/npm/administracion/actualizar-dependencias-npm/
Solution 2:[2]
If you find this problem then go to npm list --depth 0 and check out the dependencies and then fix your problems by having the right version.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | |
| Solution 2 | Ali Akbar |