From a7ec4ca0c6e232a7aac89501f13eefc5a9f599ce Mon Sep 17 00:00:00 2001 From: Liviu Ionescu Date: Sun, 29 Sep 2024 12:57:14 +0300 Subject: [PATCH 1/3] installation.mdx: add a :::tip for harmless vulnerabilities --- website/docs/installation.mdx | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/website/docs/installation.mdx b/website/docs/installation.mdx index b41d108a1101..61f6589d6c80 100644 --- a/website/docs/installation.mdx +++ b/website/docs/installation.mdx @@ -163,6 +163,12 @@ Then, in the directory containing `package.json`, run your package manager's ins npm install ``` +:::tip + +`npm install` may report several vulnerabilities and recommend running `npm audit` to address them. Typically, these reported vulnerabilities, such as RegExp DOS vulnerabilities, are harmless and can be safely ignored. + +::: + To check that the update occurred successfully, run: ```bash From 888427ef416ec3b3bdec381422ce73f96ae35a8a Mon Sep 17 00:00:00 2001 From: Liviu Ionescu Date: Mon, 30 Sep 2024 20:23:30 +0300 Subject: [PATCH 2/3] Trigger tests again. From 992df8031fe7a548070cd14d1ecbb2617070e0c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Lorber?= Date: Thu, 3 Oct 2024 12:10:24 +0200 Subject: [PATCH 3/3] Update website/docs/installation.mdx --- website/docs/installation.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/installation.mdx b/website/docs/installation.mdx index 61f6589d6c80..1da802db425d 100644 --- a/website/docs/installation.mdx +++ b/website/docs/installation.mdx @@ -165,7 +165,7 @@ npm install :::tip -`npm install` may report several vulnerabilities and recommend running `npm audit` to address them. Typically, these reported vulnerabilities, such as RegExp DOS vulnerabilities, are harmless and can be safely ignored. +`npm install` may report several vulnerabilities and recommend running `npm audit` to address them. Typically, these reported vulnerabilities, such as RegExp DOS vulnerabilities, are harmless and can be safely ignored. Also read this article, which reflects our thinking: [npm audit: Broken by Design](https://overreacted.io/npm-audit-broken-by-design/). :::