How to fix Missing Origin Validation error for “webpack-dev-server”


(Bamasure6521) #1

Whenever i try to install npm in my laravel project its show “found 1 high severity vulnerability” so i try to fix it by “npm audit fix” bust it show the same result so then i try to check it by “npm audit” it show the problem of “Missing Origin Validation of package-> webpack-dev-server” so i try to install it manually by using “npm install webpack-dev-server --save-dev” but same result>>>> here i give the full comand line result bellow what i want to do what is the result of it… Now please help me how to fix this…
npm ver->6.4.1
node ver->10.13.0

C:\xampp\htdocs\Newapp>npm install
npm WARN deprecated browserslist@2.11.3: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.
npm WARN deprecated browserslist@1.7.7: Browserslist 2 could fail on reading Browserslist >3.0 config used in other tools.

> node-sass@4.10.0 install C:\xampp\htdocs\Newapp\node_modules\node-sass
> node scripts/install.js

Downloading binary from https://github.com/sass/node-sass/releases/download/v4.10.0/win32-x64-64_binding.node
Download complete…] - :
Binary saved to C:\xampp\htdocs\Newapp\node_modules\node-sass\vendor\win32-x64-64\binding.node
Caching binary to C:\Users\bamas\AppData\Roaming\npm-cache\node-sass\4.10.0\win32-x64-64_binding.node

> uglifyjs-webpack-plugin@0.4.6 postinstall C:\xampp\htdocs\Newapp\node_modules\webpack\node_modules\uglifyjs-webpack-plugin
> node lib/post_install.js

> node-sass@4.10.0 postinstall C:\xampp\htdocs\Newapp\node_modules\node-sass
> node scripts/build.js

Binary found at C:\xampp\htdocs\Newapp\node_modules\node-sass\vendor\win32-x64-64\binding.node
Testing binary
Binary is fine
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN img-loader@3.0.1 requires a peer of imagemin@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN ajv-keywords@3.2.0 requires a peer of ajv@^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {“os”:“darwin”,“arch”:“any”} (current: {“os”:“win32”,“arch”:“x64”})

added 1189 packages from 698 contributors and audited 11710 packages in 242.513s
found 1 high severity vulnerability
_ run npm audit fix to fix them, or npm audit for details_

C:\xampp\htdocs\Newapp>npm audit fix
npm WARN ajv-keywords@3.2.0 requires a peer of ajv@^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN img-loader@3.0.1 requires a peer of imagemin@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {“os”:“darwin”,“arch”:“any”} (current: {“os”:“win32”,“arch”:“x64”})

up to date in 8.555s
fixed 0 of 1 vulnerability in 11710 scanned packages
_ 1 vulnerability required manual review and could not be updated_

C:\xampp\htdocs\Newapp>npm audit

_ === npm audit security report ===_

_ Manual Review_
_ Some vulnerabilities require your attention to resolve_

_ Visit https://go.npm.me/audit-guide for additional guidance_

_ High Missing Origin Validation_

_ Package webpack-dev-server_

_ Patched in >=3.1.6_

_ Dependency of laravel-mix [dev]_

_ Path laravel-mix > webpack-dev-server_

_ More info https://nodesecurity.io/advisories/725_

found 1 high severity vulnerability in 11710 scanned packages
_ 1 vulnerability requires manual review. See the full report for details._

C:\xampp\htdocs\Newapp>

C:\xampp\htdocs\Newapp>npm install webpack-dev-server --save-dev
npm WARN ajv-keywords@3.2.0 requires a peer of ajv@^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN img-loader@3.0.1 requires a peer of imagemin@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN webpack-dev-server@3.1.10 requires a peer of webpack@^4.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN webpack-dev-middleware@3.4.0 requires a peer of webpack@^4.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {“os”:“darwin”,“arch”:“any”} (current: {“os”:“win32”,“arch”:“x64”})

+ webpack-dev-server@3.1.10
added 49 packages from 25 contributors, updated 12 packages, moved 13 packages and audited 15147 packages in 24.129s
found 1 high severity vulnerability
_ run npm audit fix to fix them, or npm audit for details_

C:\xampp\htdocs\Newapp>npm audit fix
npm WARN ajv-keywords@3.2.0 requires a peer of ajv@^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN img-loader@3.0.1 requires a peer of imagemin@^5.0.0 || ^6.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN webpack-dev-middleware@3.4.0 requires a peer of webpack@^4.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN webpack-dev-server@3.1.10 requires a peer of webpack@^4.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {“os”:“darwin”,“arch”:“any”} (current: {“os”:“win32”,“arch”:“x64”})

up to date in 8.073s
fixed 0 of 1 vulnerability in 15147 scanned packages
_ 1 vulnerability required manual review and could not be updated_

C:\xampp\htdocs\Newapp>npm audit

_ === npm audit security report ===_

_ Manual Review_
_ Some vulnerabilities require your attention to resolve_

_ Visit https://go.npm.me/audit-guide for additional guidance_

_ High Missing Origin Validation_

_ Package webpack-dev-server_

_ Patched in >=3.1.6_

_ Dependency of laravel-mix [dev]_

_ Path laravel-mix > webpack-dev-server_

_ More info https://nodesecurity.io/advisories/725_

found 1 high severity vulnerability in 15147 scanned packages
_ 1 vulnerability requires manual review. See the full report for details._


(system) #2

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.