从标题来看,安装后自动运行的npm与直接运行时的npm有所不同:
added 1 package from 1 contributor in 3.609s
[!] 9 vulnerabilities found [5693 packages audited]
Severity: 2 Low | 5 Moderate | 2 High
Run `npm audit` for more detail
$ npm audit
=== npm audit security report ===
[+] no known vulnerabilities found
Packages audited: 164 (0 dev, 0 optional)
我认为这可能是因为它扫描了全局软件包(5693个软件包与164个软件包),但是我无法进行全局审核:
$ npm
audit -g
npm ERR! code EAUDITGLOBAL
npm ERR! `npm audit` does not support testing globals
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/benp/.npm/_logs/2018-07-12T10_32_42_261Z-debug.log
这是怎么回事?