run `npm audit fix` to fix them, or `npm audit` for details

在VUE项目中执行npm install 出现如下提醒

added 1497 packages from 1055 contributors and audited 27518 packages in 40.021s
found 5 vulnerabilities (3 moderate, 2 high)
  run `npm audit fix` to fix them, or `npm audit` for details

npm audit fix 执行后:

npm WARN [email protected] requires a peer of webpack@^3.1.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of webpack@^1.9 || ^2 || ^2.1.0-beta || ^2.2.0-rc || ^3.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

+ [email protected]
added 4 packages from 7 contributors and updated 2 packages in 11.505s
fixed 3 of 5 vulnerabilities in 27518 scanned packages
  2 vulnerabilities required manual review and could not be updated

从npm官网上查阅了对于npm audit fix的相关介绍。

npm audit : audit命令将项目中配置的依赖项的描述提交到默认注册表,并请求报告已知的漏洞。返回的报告包括如何处理此信息的说明。如果没有发现漏洞,该命令将以0退出代码退出。

npm audit fix :自动修复漏洞。请注意,有些漏洞无法自动修复,需要人工干预或审查。还请注意,由于NPM Audit Fix在引擎盖下运行一个完整的NPM安装程序,所有适用于安装程序的配置也将应用于NPM安装-因此,像NPM Audit Fix这样的东西-包锁定只会按预期工作。

你可能感兴趣的:(VUE)