5 high severity vulnerabilities - NPM v. 7.17.0

Developer help
1

Hi :slight_smile:

I have just updated my NPM version from npm 6 to 7 on my ghost installation.

The version I’m running now is: 7.17.0

I have used this command “sudo npm install -g npm@latest” to update NPM

But now if I running the command to update ghost-cli with this command: “sudo npm install -g ghost-cli@latest”

I get this warning:

sudo npm install -g ghost-cli@latest

changed 419 packages, and audited 420 packages in 11s

29 packages are looking for funding
run npm fund for details

5 high severity vulnerabilities

To address all issues (including breaking changes), run:
npm audit fix --force

Run npm audit for details.

The command “npm audit fix --force” doesn’t fix the warning!

Will I have to be worried about the warning? and what did it mean?

EDIT-1:

If I’m running this command: “npm audit” I’m getting this output
found 0 vulnerabilities

EDIT-2:

Ghost-CLI version: 1.17.3
Ghost version: 4.7.0 (at /var/www/ghost)
Node version: v14.17.0
Site: https://www.futurenode.dk

Thanks

Thomas

2

In this specific instance, there’s no action required from you, some of the cli dependencies have reported security issues which may or may not actually impact the cli

3

Thanks :slight_smile: