SPFx development - npm audit vulnerabilities
https://sharepoint.stackexchange.com/questions/276985
-
08-02-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFrage
The company I work for needs custom web parts in modern SharePoint.
I was humming along following the excellent (Microsoft's sponsored) tutorials on SPFx development. I got my web part working on my DEV tenant and all that.
Now that I am getting things ready for production I am shocked to find the out-of-the-box vulnerabilities introduced by yo @microsoft/sharepoint are not that easy to fix. I need to go through each package one by one.
Am I missing something? I am seeking latest guidance on how to address the vulnerabilities. I am new to this tool set.
Many Thanks in advance.
Lösung
With SPFx solutions, none of the npm packages are deployed to SharePoint, so you can ignore these audit warnings. If you had a custom solution that did deploy the npm packages themselves, yes you'd need to address it.
Don't be alarmed by vulnerabilities after running NPM Install
