
[git] We found potential security vulnerabilities in your dependencies.

silver18 2020. 6. 10. 22:46

A notification suddenly appeared on the GitHub repository.

A feature that shows a GitHub project's dependency information

 

Insights > Dependency graph


Checking for packages that are not on the latest version

$ npm outdated
Package                 Current  Wanted  Latest  Location
@vue/cli-plugin-babel     4.3.1   4.3.1   4.4.1  board
@vue/cli-plugin-eslint    4.3.1   4.3.1   4.4.1  board
@vue/cli-plugin-router    4.3.1   4.3.1   4.4.1  board
@vue/cli-plugin-vuex      4.3.1   4.3.1   4.4.1  board
@vue/cli-service          4.3.1   4.3.1   4.4.1  board
bootstrap                 4.4.1   4.5.0   4.5.0  board
bootstrap-vue            2.11.0  2.15.0  2.15.0  board
eslint                    6.8.0   6.8.0   7.2.0  board
vue-router                3.1.6   3.3.2   3.3.2  board
vuex                      3.2.0   3.4.0   3.4.0  board

npm-check-updates

It updates the packages listed under dependencies and devDependencies in package.json to their latest versions.
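An added example (not from the original post): a small Node.js script that parses the npm outdated table shown above and separates updates that stay inside the declared range (Wanted) from the jumps ncu -u would write (Latest), flagging major-version bumps such as eslint 6.8.0 to 7.2.0 for review before a bulk update. The function names are illustrative, and the sample rows are copied from the output above.

```javascript
// Constructed sample: rows copied from the `npm outdated` output shown above.
const OUTDATED = `
Package                 Current  Wanted  Latest  Location
@vue/cli-service          4.3.1   4.3.1   4.4.1  board
bootstrap                 4.4.1   4.5.0   4.5.0  board
bootstrap-vue            2.11.0  2.15.0  2.15.0  board
eslint                    6.8.0   6.8.0   7.2.0  board
vue-router                3.1.6   3.3.2   3.3.2  board
`;

// Split "x.y.z" into numbers; returns null for values this sketch does not
// handle (pre-release tags, git URLs, "MISSING").
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  return m ? m.slice(1).map(Number) : null;
}

// Classify the jump between two versions as major / minor / patch / none.
function bump(from, to) {
  const a = parseVersion(from), b = parseVersion(to);
  if (!a || !b) return 'unknown';
  if (a[0] !== b[0]) return 'major';
  if (a[1] !== b[1]) return 'minor';
  if (a[2] !== b[2]) return 'patch';
  return 'none';
}

// Parse the table and report, per package, what moving to Wanted (in-range)
// and moving to Latest (what `ncu -u` writes by default) would each change.
function classify(text) {
  return text.trim().split('\n').slice(1).map((line) => {
    const [name, current, wanted, latest] = line.trim().split(/\s+/);
    return {
      name,
      inRange: bump(current, wanted),   // allowed by the range in package.json
      toLatest: bump(current, latest),  // size of the jump to Latest
      outsideRange: wanted !== latest,  // Latest lies beyond the declared range
    };
  });
}

// Packages whose jump to Latest is a major bump or could not be parsed.
function needsReview(text) {
  return classify(text).filter((r) => ['major', 'unknown'].includes(r.toLatest)).map((r) => r.name);
}

console.table(classify(OUTDATED));
console.log('review before bulk update:', needsReview(OUTDATED));
```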

 

 

Updating all package versions at once

$ npm i -g npm-check-updates
$ ncu -u
Hmmmmm... this is taking a long time. Your console is telling me to wait for input
on stdin, but maybe that is not what you want.
Try winpty ncu.cmd, or specify a package file explicitly with --packageFile package.json.
See https://github.com/raineorshine/npm-check-updates/issues/136#issuecomment-155721102
$ npm install

An error occurred at the ncu -u command

The relevant issue page (github.com/raineorshine/npm-check-updates/issues/136#issuecomment-155721102)

 

Solution

$ ncu -u --packageFile package.json
$ npm install

github.com/raineorshine/npm-check-updates/issues/136#issuecomment-325566095

 

It looks like some kind of error, but it does seem to work.....