On NPM audit fix

The following reminder appears when NPM Install is executed

added 253 packages from 162 contributors and audited 1117 packages in 42.157s
found 5 vulnerabilities (1 low, 4 high)
  run `npm audit fix` to fix them, or `npm audit` for details html

According to the command prompted by the console, type ‘NPM Audit Fix’ and the console prompts:

1 package update for 5 vulns involved breaking changes
  (use `npm audit fix --force` to install breaking changes; or do it by hand)

After typing: ‘NPM Audit Fix — Force’, the console prompts:

added 199 packages from 111 contributors, removed 64 packages and updated 23 packages in 42.194sfixed 5 of 5 vulnerabilities in 1117 scanned packages
  1 package update for 5 vulns involved breaking changes
  (installed due to `--force` option)

Re-enter ‘NPM Audit’ :

                      === npm audit security report ===

found 0 vulnerabilities
 in 4598 scanned packages

At last everything was all right.
Out of curiosity, I read the introduction of NPM Audit Fix on the official website of NPM.
NPM audit: [email protected]& amp; [email protected], which allows developers to analyze complex code and identify specific vulnerabilities and defects.
NPM Audit Fix: [email protected] detects vulnerabilities in project dependencies and automatically installs those that need to be updated without having to track and fix them themselves.
In the meantime, the website also provides some other commands, which are summarized as follows:
1. Run audit Fix, but only update PKglock, not Node_modules:

$ npm audit fix --package-lock-only

2. Update only the packages installed in Dependencies, and skip the packages in devDependencies:

$ npm audit fix --only=prod

3. Run the command to get the contents of the audit Fix to be updated and output the installation information in JSON format, but the update is not actually installed:

$ npm audit fix --dry-run --json

4. Get the detailed test report in JSON format

$ npm audit --json

The attached:
NPM – audit website address: https://docs.npmjs.com/cli/audit

Read More: