安装全局koa2:npm install -g koa2 -generator

创建一个koa2文件夹:koa2 -e koa2


进入koa2文件夹:cd koa2

安装npm模块:npm install

  

显示如下结果,可以看到,英文提示有一个漏洞需要修复

 C:\Users\Administrator\Desktop\koa2-1-1\koa2>npm install

npm WARN deprecated swig@1.4.2: This package is no longer maintained

npm WARN deprecated ejs@2.3.4: Critical security bugs fixed in 2.5.5

> nodemon@1.18.6 postinstall C:\Users\Administrator\Desktop\koa2-1-1\koa2\node_modules\nodemon

> node bin/postinstall || exit 0

Love nodemon? You can now support the project via the open collective:

 > https://opencollective.com/nodemon/donate

npm notice created a lockfile as package-lock.json. You should commit this file.

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):

npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

added 320 packages from 182 contributors and audited 2414 packages in 186.878s

found 1 low severity vulnerability

  run `npm audit fix` to fix them, or `npm audit` for details

  

按照代码运行  npm audit fix

显示

C:\Users\Administrator\Desktop\koa2-1-1\koa2>npm audit fix

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):

npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

up to date in 13.094s

fixed 0 of 1 vulnerability in 2414 scanned packages

  1 package update for 1 vuln involved breaking changes

  (use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)

  

很明显没有解决

接着运行audit fix

显示:

Run  npm install koa-onerror@4.1.0  to resolve 1 vulnerabilitySEMVER WARNING: Recommended action is a potentially breaking change

Low Regular Expression Denial of Service

Package uglify-js

Dependency of koa-onerror

Path koa-onerror > swig > uglify-js

More info https://nodesecurity.io/advisories/48

found 1 low severity vulnerability in 2414 scanned packages

  运行

npm install koa-onerror@4.1.0
显示
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules\fsevents):

npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

+ koa-onerror@4.1.0

added 1 package from 1 contributor, removed 15 packages, updated 1 package and audited 2401 packages in 14.254s

found 0 vulnerabilities

  

ok

最新文章

  1. crontab介绍
  2. iOS关于NSUserDefaults存,写, 删的问题
  3. BUG集锦
  4. HDU 5514 Frogs (容斥原理+因子分解)
  5. Google前工程经理王忻:如何准备软件工程师的面试
  6. HTML5文件拖拽
  7. VIM 及正则表达式
  8. 把 Eclipse 中的工程 Push 到 Github(适用 Windows 平台)
  9. 重新温习,不但可以让自己对js更加的深刻认识,又能加深记忆,至此每天一次复习记录在此。
  10. @Html.ValidationSummary()的使用
  11. postfix疯狂外发垃圾邮件
  12. java采用Apache FileUpload组件实现上传
  13. nginx启动脚本,手动编辑
  14. 精通libGDX游戏开发-RPG实战-开发游戏的基本前提
  15. SQL 获取表结构
  16. [Swift]LeetCode756. 金字塔转换矩阵 | Pyramid Transition Matrix
  17. JAVA记录-消息队列介绍
  18. hash进阶:使用字符串hash乱搞的姿势
  19. Nextcloud13私有云盘安装指南
  20. 3. Oracle数据库逻辑备份与恢复

热门文章

  1. Linux指令(Terminal命令):
  2. 问题 C: To Fill or Not to Fill
  3. Ubuntu18.04安装mysql(AWS云)
  4. css总结 -使用display:inline-block,出现元素高度错位
  5. [转] c# 中使用opencv进行视频捕获
  6. 518-零钱兑换 II(完全背包-求方案总数)
  7. gulp-sass设置不同样式风格的输出方法
  8. 免费馅饼 HDU - 1176 基础dp
  9. 【你不知道的javaScript 上卷 笔记6】javaScript中的对象相关内容
  10. [JSOI2010] 连通数 - 强连通分量,缩点