https://pulumi.com logo
Powered by
s

salmon-account-74572

04/01/2020, 5:53 PM
I just provisioned a new project using 
npm install
, and after NPM was done installing packages it reported this:
Copy code
found 21 low severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details
Is this something that should be addressed? 
npm audit
provides some verbose output that identifies the dependencies that affected. (I'm new to the NodeJS/npm world, so apologies if this is a stupid question.)
w

white-balloon-205

04/01/2020, 5:55 PM
What commands exactly did you run? Was this from 
pulumi new
or from 
npm install
in a particular example?
s

salmon-account-74572

04/01/2020, 5:57 PM
I have this in my `package.json`:
Copy code
{
  "name": "typescript",
  "devDependencies": {
    "@types/node": "latest"
  },
  "dependencies": {
    "@pulumi/pulumi": "latest",
    "@pulumi/aws": "latest",
    "@pulumi/awsx": "latest",
    "@pulumi/policy": "latest"
  }
}
And I ran 
npm install
to install the packages/components needed.
Here's the output from 
npm audit
.
audit.txt
This is on Ubuntu 19.10 with Pulumi 1.13.1.
Powered by