Fix NPM Vulnerabilities with NPM Overrides - Secure NOW!
Рет қаралды 20,863
Күн бұрын
@swamidhyananurag85 Жыл бұрын
Thank you for such short and effective solution!
@houcinehannoun6578 9 ай бұрын
You are a life saver, thank you bro
@PixemWeb 9 ай бұрын
Happy to help.
@mr_don_key 6 ай бұрын
but what about, when you keep these overrides? you fall behind eventually and it's quite labor intensive changing these overrides over and over... What is a package stops in development? (maintainer quits, no ownership transfer.. abandoned lib in essence) If you remove it, it can lead to breakage of other things.. Yet, it's vulnerable.. using an alternative package, can also lead to breaks, since it might not support the needed elements or communicates differently (function names, class names etc, which would mean rewriting you logic code.) Also, who audits this? and on what level? (security, stability, features, etc)
@VideoWow7184 5 ай бұрын
We use a tool called renovate to help automatically keep npm packages upto date. If you haven't used Renovate before, it will watch for new versions of packages you are using and create a PR for them. You can even configure it on a package by package bases to automatically merge the PRs immediately or after a stabilization period. It is silver bullet as there are package incompatibilities as you have mentioned above that break tests, lint, etc that you need to fix manually but it does cut down the amount of effort overall when managing many npm packages. It also means that your always up to date so upgrading packages becomes easier since the gap between your current version and the target version will be much smaller.
@rioeleven1 8 ай бұрын
thank you, it worked.
@aadeeshjain1 6 ай бұрын
Thanks You Saved My life and earned a subscriber
@sazeebulbashar5686 Жыл бұрын
Thank You Bro. God bless you.......
@vivekiyer9273 4 ай бұрын
literally saved 5 days of work. Thank you soo much!!
@PixemWeb 4 ай бұрын
Glad it helped!
@mumk 6 ай бұрын
Thanks so much
@RajeshFullstack Жыл бұрын
Without npm update can we fix vulnerabilities
@jorgeloyola3317 5 ай бұрын
man, i love u
@PhilDiasPJD Жыл бұрын
Does overrides with npm packages work the same way with yarn?
@PixemWeb Жыл бұрын
I believe you would use resolutions. I’d have to look into it to see if things have changed since yarn classic versus modern.
@PunkSage Жыл бұрын
How to use overrides in monorepo?
Marusya Outdoors
Рет қаралды 100 МЛН
The Amazing Codeverse
Рет қаралды 1,8 М.
Dave Gray
Рет қаралды 776 М.
Marusya Outdoors
Рет қаралды 100 МЛН