{"componentChunkName":"component---content-packages-and-modules-securing-your-code-auditing-package-dependencies-for-security-vulnerabilities-mdx","path":"/auditing-package-dependencies-for-security-vulnerabilities","result":{"pageContext":{"frontmatter":{"title":"Auditing package dependencies for security vulnerabilities","redirect_from":["/getting-started/running-a-security-audit/"]},"mdxId":"09c9e0ae-17d2-5e46-a753-97df56082d3a","themeOptions":{"plugins":[],"icon":"./src/images/npm-favicon.png","editOnGitHub":true,"showContributors":false,"showSidebarEditLink":false,"repo":{"url":"https://github.com/npm/documentation","defaultBranch":"main"}},"editUrl":"https://github.com/npm/documentation/edit/main/content/packages-and-modules/securing-your-code/auditing-package-dependencies-for-security-vulnerabilities.mdx","contributors":[],"tableOfContents":{"items":[{"url":"#about-security-audits","title":"About security audits"},{"url":"#running-a-security-audit-with-npm-audit","title":"Running a security audit with npm audit","items":[{"url":"#resolving-eauditnopjson-and-eauditnolock-errors","title":"Resolving EAUDITNOPJSON and EAUDITNOLOCK errors"}]},{"url":"#reviewing-and-acting-on-the-security-audit-report","title":"Reviewing and acting on the security audit report","items":[{"url":"#security-vulnerabilities-found-with-suggested-updates","title":"Security vulnerabilities found with suggested updates","items":[{"url":"#semver-warnings","title":"SEMVER warnings"}]},{"url":"#security-vulnerabilities-found-requiring-manual-review","title":"Security vulnerabilities found requiring manual review","items":[{"url":"#check-for-mitigating-factors","title":"Check for mitigating factors"},{"url":"#update-dependent-packages-if-a-fix-exists","title":"Update dependent packages if a fix exists"},{"url":"#fix-the-vulnerability","title":"Fix the vulnerability"},{"url":"#open-an-issue-in-the-package-or-dependent-package-issue-tracker","title":"Open an issue in the package or dependent package issue tracker"}]},{"url":"#no-security-vulnerabilities-found","title":"No security vulnerabilities found"}]},{"url":"#turning-off-npm-audit-on-package-installation","title":"Turning off npm audit on package installation","items":[{"url":"#installing-a-single-package","title":"Installing a single package"},{"url":"#installing-all-packages","title":"Installing all packages"}]}]}}},"staticQueryHashes":["2665939701","2665939701","4163176147","4163176147"]}