当我将一些 npm 包安装到我的项目中时,大多数情况下,我会收到警告或漏洞错误。
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
npm WARN deprecated graphql-tools@3.0.0: This package has been deprecated and now it only exports makeExecutableSchema.\nAnd it will no longer receive updates.\nWe recommend you to migrate to scoped packages such as @graphql-tools/schema, @graphql-tools/utils and etc.\nCheck out https://www.graphql-tools.com to learn what package you should use instead
27 vulnerabilities (16 moderate, 9 high, 2 critical)
当我创建一个世博项目时,上面显示了。我的问题是:
- 我能做些什么来修复这些漏洞?
- 大多数警告都是从已弃用的包中输入代码。可以对他们做些什么?
- 对于安全性很重要的项目,我应该做什么?