The npm community forum has been discontinued.
To discuss usage of npm, visit the GitHub Support Community.
[Security] for libnpm vulnerable dependency reported in npm audit
Hi, for latest libnpm 2.0.1 a vulnerable version of dependency npm-lifecycle was reported in npm audit. Could you please
npm audit fix your package and publish to npm?
npm audit output follows:
High Arbitrary File Overwrite
Patched in >=4.4.2
Dependency of npm
Path npm > libnpm > npm-lifecycle > node-gyp > tar
More info https://nodesecurity.io/advisories/803