npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

Audit fails after updating package to recommended version


After upgrading the packages to the recommended versions, I find that npm audit table exposes the same packages and vulnerabilities. For example, after finding that cryptiles package is high risk, I update to the recommended version (, but the issue persists and the package is mentioned in the table.
What I expect instead, is that after upgrading to the recommended version, to run npm audit and not find the package listed there with “high risk” etc.