如何解决正则表达式拒绝服务之类的漏洞?

时间:2019-06-03 14:29:49

标签: reactjs npm webpack

当我运行我的React项目时,我得到了以下漏洞:

enter image description here

我该如何解决此问题? 有人可以向我解释一下这实际上是在警告我什么吗? 我需要更新babel-cli吗?

我尝试安装braces@2.3.0来查看此警告是否消失,但安装它后没有任何改变。

我的package.json文件:

{ "name": "Recordshop", "version": "1.0.0", "scripts": { "prestart": "babel-node src-gen/config/startMessage.js", "start": "npm-run-all --parallel open:src-gen lint:watch", "open:src-gen": "babel-node src-gen/config/server.dev.js", "lint": "node_modules/.bin/esw webpack.config.* src-gen src-gen/config", "lint:watch": "npm run lint -- --watch", "clean-prod": "npm run remove-prod && mkdirp prod/app", "remove-prod": "node_modules/.bin/rimraf ./prod", "build:html": "babel-node src-gen/config/buildHTML.js", "prebuild": "npm-run-all clean-prod lint build:html", "build": "babel-node src-gen/config/build.js", "postbuild": "babel-node src-gen/config/server.prod.js" }, "private": true, "optionalDependencies": { "fsevents": "*" }, "dependencies": { "babel-polyfill": "^6.23.0", "es6-promise": "^4.0.5", "isomorphic-fetch": "^2.2.1", "react": "^16.2.0", "react-dom": "^16.2.0", "react-fontawesome": "^1.6.1", "react-redux": "^5.0.5", "react-router-dom": "^4.1.1", "react-router-redux": "^4.0.7", "reduce-reducers": "^0.1.2", "redux": "^3.6.0", "redux-thunk": "^2.1.0" }, "devDependencies": { "ajv": "^5.0.0", "babel-cli": "^6.26.0", "babel-core": "^6.24.1", "babel-loader": "^7.0.0", "babel-plugin-react-display-name": "^2.0.0", "babel-plugin-transform-class-properties": "^6.24.1", "babel-plugin-transform-decorators": "6.24.1", "babel-preset-env": "^1.6.0", "babel-preset-react": "^6.24.1", "babel-preset-react-hmre": "^1.1.1", "babel-register": "^6.24.1", "chalk": "^2.1.0", "cheerio": "^1.0.0-rc.2", "colors": "^1.1.2", "compression": "^1.6.2", "compression-webpack-plugin": "^1.1.11", "cross-env": "^5.0.0", "css-loader": "^2.1.1", "eslint": "^4.19.0", "eslint-import-resolver-webpack": "^0.8.1", "eslint-plugin-import": "^2.3.0", "eslint-plugin-react": "^7.0.1", "eslint-watch": "^3.1.0", "eventsource-polyfill": "^0.9.6", "express": "^4.15.3", "extract-text-webpack-plugin": "^3.0.2", "file-loader": "^1.1.11", "image-webpack-loader": "^4.2.0", "jquery": "^3.1.1", "mkdirp": "^0.5.1", "node-sass": "^4.5.3", "npm-run-all": "^4.0.2", "open": "^6.3.0", "redux-immutable-state-invariant": "^2.0.0", "rimraf": "^2.5.4", "sass-loader": "^6.0.5", "style-loader": "^0.20.3", "url-loader": "^1.0.1", "webpack": "^4.32.2", "webpack-combine-loaders": "^2.0.3", "webpack-dev-middleware": "^2.0.5", "webpack-hot-middleware": "^2.18.0" } }

谢谢您的帮助!

2 个答案:

答案 0 :(得分:0)

要解决该问题,您应该尝试很多事情

  1. 运行npm audit fix
  2. 删除node_modules
  3. 通过运行npm i
  4. 重新安装所有软件包。

答案 1 :(得分:0)

我遇到了同样的错误。这是通天塔核心的错误。尝试使用yarn add --dev babel-jest babel-core@^7.0.0-bridge.0 @babel/core regenerator-runtime

更新babel-core