They seem be breaking changes if they are set to force fix.
22 vulnerabilities (1 low, 9 moderate, 12 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
[root@a57x-0001(siem-forwarder-1) flowviz]# npm audit fix
added 18 packages, removed 33 packages, changed 24 packages, and audited 561 packages in 8s
113 packages are looking for funding
run `npm fund` for details
# npm audit report
brace-expansion <1.1.13
Severity: moderate
brace-expansion: Zero-step sequence causes process hang and memory exhaustion - https://github.com/advisories/GHSA-f886-m6hf-6m8v
fix available via `npm audit fix`
node_modules/brace-expansion
esbuild <=0.24.2
Severity: moderate
esbuild enables any website to send any requests to the development server and read the response - https://github.com/advisories/GHSA-67mh-4wv8-2f99
fix available via `npm audit fix --force`
Will install vite@8.0.3, which is a breaking change
node_modules/esbuild
vite 0.11.0 - 6.1.6
Depends on vulnerable versions of esbuild
node_modules/vite
minimatch 9.0.0 - 9.0.6
Severity: high
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern - https://github.com/advisories/GHSA-3ppc-4f35-3m26
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments - https://github.com/advisories/GHSA-7r86-cg39-jmmj
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions - https://github.com/advisories/GHSA-23c5-xmqv-rm74
fix available via `npm audit fix --force`
Will install @typescript-eslint/parser@8.57.2, which is a breaking change
node_modules/@typescript-eslint/typescript-estree/node_modules/minimatch
@typescript-eslint/typescript-estree 6.16.0 - 7.5.0
Depends on vulnerable versions of minimatch
node_modules/@typescript-eslint/typescript-estree
@typescript-eslint/parser 6.16.0 - 7.5.0
Depends on vulnerable versions of @typescript-eslint/typescript-estree
node_modules/@typescript-eslint/parser
@typescript-eslint/type-utils 6.16.0 - 7.5.0
Depends on vulnerable versions of @typescript-eslint/typescript-estree
Depends on vulnerable versions of @typescript-eslint/utils
node_modules/@typescript-eslint/type-utils
@typescript-eslint/eslint-plugin 6.16.0 - 7.5.0
Depends on vulnerable versions of @typescript-eslint/type-utils
Depends on vulnerable versions of @typescript-eslint/utils
node_modules/@typescript-eslint/eslint-plugin
@typescript-eslint/utils 6.16.0 - 7.5.0
Depends on vulnerable versions of @typescript-eslint/typescript-estree
node_modules/@typescript-eslint/utils
9 vulnerabilities (3 moderate, 6 high)`
There are multiple NPM packages installed while running
npm installThey seem be breaking changes if they are set to force fix.