Think the whole Security Audit thing in #NPM is just another method to get developers to go mad, slowly.
Feel like I'm chasing my tail around and around, and around and not getting very far.
Updated to latest version of #Whalebird from #github and now I've got it down to 27 vulnerabilities, from 40, when previously I had it down to 14.
Think I'm going to start ignoring the audit info (may even just turn it off completely).
@PhotonQyv Im really surprised at the sheer number of libs being used by Node devs
@jrwr Since I don't even really know anything about #NPM or #Node, and while originally I thought I was helping, h3poteto@mstdn.io with #Whalebird I think I may just forget about PRing anything from now on.
A couple of code changes and the audit just gets ridiculous again.
If I mentioned #ADA would people know what I meant, I've never coded in that either, but I know it was a pain in't arse, apparently (;*
Technical Note:
If you want to turn it off completely, and not just for a single install command you need:
npm set audit false (npm >= 5.1.0)
Or:
npm config set user-agent "npm/{npm-version} node/{node-version} {platform} {arch} no-audit" (npm < 5.1.0)
Source: Email from Kiera, Tech Support, npm, Inc
@jrwr And I know, I missed an @ from @h3poteto 's name that first time (;*