Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Resolving Node Package Security Issues

Resolving Node Package Security Issues

This is an excerpt from a post I wrote on DEV

Using npm-force-resolutions is a last resort!
Please read their docs and my post above for more details.

/* 1. lean on npm to fix issues */
npm audit fix

/* 2. re-audit to find stubborn issues */
npm audit

/* 3. if using the latest packages is fine, update your top-level dependencies    */
npm update

/* 4. if all else fails, force resolutions by adding this to package.json and doing another install */
  "scripts": {
    "preinstall": "npx npm-force-resolutions",
  "resolutions": {
    "bad-pack-1": "1.5.0"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment