TechQA.

4 vulnerabilities - 11ty install. How i should fix this?

468 views Asked by At

Please I've tried all and nothing works.

`# npm audit report

liquidjs <10.0.0 Severity: moderate liquidjs may leak properties of a prototype - https://github.com/advisories/GHSA-45rm-2893-5f49 No fix available node_modules/liquidjs @11ty/eleventy <=2.0.0-canary.18 Depends on vulnerable versions of browser-sync Depends on vulnerable versions of liquidjs node_modules/@11ty/eleventy

ua-parser-js 0.8.1 - 1.0.32 Severity: high ReDoS Vulnerability in ua-parser-js version - https://github.com/advisories/GHSA-fhg7-m89q-25r3 No fix available node_modules/ua-parser-js browser-sync >=2.27.6 Depends on vulnerable versions of ua-parser-js node_modules/browser-sync

4 vulnerabilities (1 moderate, 3 high)

Some issues need review, and may require choosing a different dependency.`

I've tried to update all dependencies but nothing.

npm node-modules eleventy npm-audit
Original Q&A
2

There are 2 answers

2
Guest On

Generally speaking, when dealing with SSGs, the vulnerabilities are not the issue because they are revealing themselves only at the build time, and not the runtime. Generated static website doesn't inherit those vulnerabilities.

0
joealmond On

As mentioned before it is no problem for an SSG to have vulnerabilities at the server side because it's never exposed to the internet. However if you tire update those dependecies 11ty may fall to work! Keep in mind this also!

Related Questions in NPM

Related Questions in NODE-MODULES

Related Questions in ELEVENTY

Related Questions in NPM-AUDIT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions