1、第一种解决办法
npm audit fix
npm audit fix --force
npm audit
执行命令的日志:
D:\intellijIDEA-workspace\finance-vip-frontend>npm install cnpm
+ [email protected]
added 563 packages from 919 contributors and audited 28328 packages in 133.414s
found 1 critical severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
D:\intellijIDEA-workspace\finance-vip-frontend>npm audit fix
up to date in 12.666s
fixed 0 of 1 vulnerability in 28328 scanned packages
1 vulnerability required manual review and could not be updated
D:\intellijIDEA-workspace\finance-vip-frontend>npm audit fix --force
npm WARN using --force I sure hope you know what you are doing.
up to date in 12.492s
fixed 0 of 1 vulnerability in 28328 scanned packages
1 vulnerability required manual review and could not be updated
D:\intellijIDEA-workspace\finance-vip-frontend>npm audit
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Critical Command Injection
Package open
Patched in >0.0.5
Dependency of cnpm
Path cnpm > open
More info https://npmjs.com/advisories/663
found 1 critical severity vulnerability in 28328 scanned packages
1 vulnerability requires manual review. See the full report for details.
D:\intellijIDEA-workspace\finance-vip-frontend>npm install
audited 28328 packages in 14.722s
found 1 critical severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
第二种解决办法
删除已经安装的:node_modules 和 package-lock.json
修改 package.json 格式如下
npm audit fix --force
npm instal