Forge vulnerabilitie

Hello, I am new to Forge development. I'm following the getting started manual of atlassian.

When i install the forge/cli it tells me it has 6 high vulnerabilities. Is this correct or am i doing something wrong?

npm install -g @forge/cli

added 593 packages, and audited 594 packages in 3m

14 vulnerabilities (8 moderate, 6 high)

To address issues that do not require attention, run:
npm audit fix

To address all issues (including breaking changes), run:
npm audit fix --force

After this the cmd doesn't recognizes forge as a command for "forge login"

I uninstalled the cli.

npm uninstall -g @forge/cli

removed 593 packages, and audited 1 package in 4s

found 0 vulnerabilities"

1 answer

0 votes

Welcome to the community. I had the same issues and once you run the np audit fix --force command it fixes it.

I'm able to run the plugins without issues after forge deploy and forge install

Regards

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Hi thanks for the answer, But audit fix--force doesn't follow the semver rules right? Mi main concern is that of security.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.