npm Community Forum (Archive)

The npm community forum has been discontinued.

To discuss usage of npm, visit the GitHub Support Community.

How to report fixed vulnerability


how do I report when a vulnerability in a package was fixed (resp. if the information if wrong)? is wrong. The vulnerability has long been fixed with the 1.0.1 release:


Great question and thank you for the updated information. The current best place to report any advisory updates is to email

I’ve gone ahead and updated the advisory based on this new information.