I just provisioned a new project using `npm instal...
# general
I just provisioned a new project using
npm install
, and after NPM was done installing packages it reported this:
Copy code
found 21 low severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details
Is this something that should be addressed?
npm audit
provides some verbose output that identifies the dependencies that affected. (I'm new to the NodeJS/npm world, so apologies if this is a stupid question.)
What commands exactly did you run? Was this from
pulumi new
or from
npm install
in a particular example?
I have this in my `package.json`:
Copy code
  "name": "typescript",
  "devDependencies": {
    "@types/node": "latest"
  "dependencies": {
    "@pulumi/pulumi": "latest",
    "@pulumi/aws": "latest",
    "@pulumi/awsx": "latest",
    "@pulumi/policy": "latest"
And I ran
npm install
to install the packages/components needed.
Here's the output from
npm audit
This is on Ubuntu 19.10 with Pulumi 1.13.1.