I used the npx create-react-app my-app command to create a new React app, and while the app was successfully created, the terminal output mentioned 8 vulnerabilities (2 moderate, 6 high). Here’s a snippet of the output:
8 vulnerabilities (2 moderate, 6 high)
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
I am not sure how to proceed. Should I run npm audit fix –force as suggested, or is there a better way to address these vulnerabilities without potentially introducing breaking changes?
I’m new to React and want to ensure my environment is secure but also stable. Any advice or guidance would be greatly appreciated.
Additional Details:
Node.js version: [your Node.js version]
npm version: [your npm version]
OS: [your operating system and version]
I haven’t tried running npm audit fix –force yet because I’m worried it might introduce breaking changes. I was expecting the newly created app to be free of vulnerabilities, but instead, it shows 8 vulnerabilities (2 moderate, 6 high). I want to know the best way to resolve these issues without breaking the app.