After installing NR and the flow node-red-node-openweathermap 0.2.1
Node-RED Version: v1.0.3
Node.js Version: v12.16.1
Linux 4.19.79-v7+ arm LE
we got an npm audit error message which we are not able to fix.
What do we need to do?
npm audit fix does not work.
Installation process and error message
npm install node-red-node-openweathermap
npm WARN deprecated cryptiles@3.1.4: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN node-red-project@0.0.1 No repository field.
npm WARN node-red-project@0.0.1 No license field.
- node-red-node-openweathermap@0.2.1
updated 1 package, moved 1 package and audited 1404 packages in 27.849s
1 package is looking for funding
run npm fund
for details
found 1 high severity vulnerability
run npm audit fix
to fix them, or npm audit
for details
sudo npm audit
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
High │ Insufficient Entropy
Package │ cryptiles
Patched in │ >=4.1.2
Dependency of │ node-red-node-openweathermap
Path │ node-red-node-openweathermap > request > hawk > cryptiles
More info │ https://npmjs.com/advisories/1464
found 1 high severity vulnerability in 1404 scanned packages
1 vulnerability requires manual review. See the full report for details.