Is there an existing issue for this?
Current Behavior
'npm audit' results in 10's, 100's of vulnerabilities, many / most being listed as critical.
Even though these false positive vulnerabilities are simply false positives, they're not only extremely annoying, but they will make it too difficult to identify anytime there is a real attack against the build toolchain because it will be hidden / buried in w/ all the false positives.
Please fix this ASAP.
Expected Behavior
Stop showing false positives; start with react-scripts.
Steps To Reproduce
Open multiple different react projects.
Each react project should have different versions of react, node, & other popular npm packages.
Do 'npm audit' & you'll see the issues.
Thank you.
Environment
No response
Is there an existing issue for this?
Current Behavior
'npm audit' results in 10's, 100's of vulnerabilities, many / most being listed as critical.
Even though these false positive vulnerabilities are simply false positives, they're not only extremely annoying, but they will make it too difficult to identify anytime there is a real attack against the build toolchain because it will be hidden / buried in w/ all the false positives.
Please fix this ASAP.
Expected Behavior
Stop showing false positives; start with react-scripts.
Steps To Reproduce
Open multiple different react projects.
Each react project should have different versions of react, node, & other popular npm packages.
Do 'npm audit' & you'll see the issues.
Thank you.
Environment
No response