Resolving Node Package Security Issues

This is an excerpt from a post I wrote on DEV

Using npm-force-resolutions is a last resort!
Please read their docs and my post above for more details.

/* 1. lean on npm to fix issues */
npm audit fix

/* 2. re-audit to find stubborn issues */
npm audit

/* 3. if using the latest packages is fine, update your top-level dependencies */
npm update

/* 4. if all else fails, force resolutions by adding this to package.json and doing another install */
{
  "scripts": {
    "preinstall": "npx npm-force-resolutions"
  },
  "resolutions": {
    "bad-pack-1": "1.5.0"
  }
}
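
After step 4 and a fresh install, it helps to confirm that every nested copy of the pinned package in package-lock.json actually matches the pin. The check below is an added example, not part of the original gist or of npm-force-resolutions; the function names and sample data are constructed, and it assumes `resolutions` values are exact versions as in the snippet above.

```javascript
'use strict';
// Added example: list every locked copy of a package that does not match
// its exact-version pin under "resolutions" in package.json.

// Flatten a package-lock.json into { name, version, location } records.
function lockedPackages(lock) {
  const found = [];
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === '' || meta.link) continue; // root project, workspace links
      const cut = path.lastIndexOf('node_modules/');
      const name = meta.name || (cut < 0 ? path : path.slice(cut + 13));
      found.push({ name, version: meta.version, location: path });
    }
    return found;
  }
  // lockfileVersion 1: nested "dependencies" tree
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      found.push({ name, version: meta.version, location: [...trail, name].join(' > ') });
      walk(meta.dependencies, [...trail, name]);
    }
  };
  walk(lock.dependencies, []);
  return found;
}

// Assumption: pins are exact versions (as "1.5.0" above), not semver ranges.
function unresolvedPins(pkg, lock) {
  const pins = pkg.resolutions || {};
  const has = (k) => Object.prototype.hasOwnProperty.call(pins, k);
  return lockedPackages(lock).filter((p) => has(p.name) && p.version !== pins[p.name]);
}

// Constructed sample data, not taken from a real project.
const samplePkg = { resolutions: { 'bad-pack-1': '1.5.0' } };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/bad-pack-1': { version: '1.5.0' },
    'node_modules/some-lib': { version: '2.0.0' },
    'node_modules/some-lib/node_modules/bad-pack-1': { version: '1.2.0' },
  },
};
for (const p of unresolvedPins(samplePkg, sampleLock)) {
  console.log(`${p.name}@${p.version} at ${p.location} is not pinned`);
}
```

An empty result means every locked copy matches its pin; any entry returned is a copy that `npm audit` may still flag.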