Reply to post: Job done ...

Security warning deluge from 'npm audit' is driving developers to distraction

Job done ...

Sounds to me like the warnings worked then. Security depends on context and mitigation. So the tool flagged up warnings, you reviewed those warnings and decided they did not apply in your context. For a few warnings you decided they did apply. Working as intended.

So now you must document all that so that in future if the context changes you have a reference for further review. This is called being professional.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022