3
  • After installed react-router-dom.
  • I saw that I had a vulnerability.
  • exactly that:

enter image description here

I didn't find much useful information for solve. Has anyone ever encountered this problem?

Linda Paiste
  • 38,446
  • 6
  • 64
  • 102
andrei_bancos
  • 69
  • 8
  • Don't worry about this particular issue since it's only for a development dependency. You can try `npm audit fix`; it might fix it. – AKX Feb 19 '21 at 20:57
  • @AKX I tried..: "1 vulnerability required manual review and could not be updated." – andrei_bancos Feb 19 '21 at 21:01

2 Answers2

1

As a temp workaround until the third party packages update their dependencies to the newest immerjs version (>=8.0.1) you can use yarn resolutions to use the specified fixed immer version >=8.0.1:

updates in the package.json

"devDependencies": {
  "immer": "8.0.1",
},
"resolutions": {
  "immer": "8.0.1"
}

NOTE: Don't forget to run yarn install after these changes.

A npm equivalent is maybe npm-force-resolutions.

zerocewl
  • 11,401
  • 6
  • 27
  • 53
0

-Find immer into package-lock.json -Update version to 8.0.1 -Remove node_modules -run script npm i -Enjoy

Javier Carreño
  • 1