Hallo,
ich habe mich zur Installation für die Version 14 entschieden und erhalte folgendes Resultat bei dem Audit:
=== npm audit security report ===
# Run npm update socket.io --depth 1 to resolve 8 vulnerabilities
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > engine.io > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-adapter > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-adapter > socket.io-parser > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-client > socket.io-parser > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-parser > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-client > debug
More info: https://npmjs.com/advisories/534
------------------------------
Low - Regular Expression Denial of Service
Package: debug
Dependency of: socket.io
Path: socket.io > socket.io-client > engine.io-client > debug
More info: https://npmjs.com/advisories/534
------------------------------
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
------------------------------
High - Regular Expression Denial of Service
Package: parsejson
Patched in: No patch available
Dependency of: socket.io
Path: socket.io > socket.io-client > engine.io-client > parsejson
More info: https://npmjs.com/advisories/528
------------------------------
found 9 vulnerabilities (8 low, 1 high) in 114 scanned packages
run `npm audit fix` to fix 8 of them.
1 vulnerability requires manual review. See the full report for details.
Gruß,
Afox