Skip to content

Commit

Permalink
docs: add tip about harmless vulnerabilities (#10535)
Browse files Browse the repository at this point in the history 
Co-authored-by: Sébastien Lorber <[email protected]>
  • Loading branch information
@ilg-ul @slorber
ilg-ul and slorber authored Oct 3, 2024
1 parent 0657e58 commit e8545b5
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions website/docs/installation.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,12 @@ Then, in the directory containing `package.json`, run your package manager's ins
npm install
```

:::tip

`npm install` may report several vulnerabilities and recommend running `npm audit` to address them. Typically, these reported vulnerabilities, such as RegExp DOS vulnerabilities, are harmless and can be safely ignored. Also read this article, which reflects our thinking: [npm audit: Broken by Design](https://overreacted.io/npm-audit-broken-by-design/).

:::

To check that the update occurred successfully, run:

```bash
Expand Down

0 comments on commit e8545b5

Please sign in to comment.