Closed
Description
Verify latest release
- I verified that the issue exists in the latest pnpm release
pnpm version
No response
Which area(s) of pnpm are affected? (leave empty if unsure)
CLI
Link to the code that reproduces this issue or a replay of the bug
No response
Reproduction steps
Run pnpm audit
Describe the Bug
The summary shows high/critical errors causing the command to return a failure code, but they are not included in the display.
pnpm audit
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ moderate │ smol-toml has a Denial of Service via malicious TOML │
│ │ document using deeply nested inline tables │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package │ smol-toml │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=1.3.0 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions │ >=1.3.1 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths │ . > [email protected] > [email protected] │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info │ https://github.com/advisories/GHSA-pqhp-25j4-6hq9 │
└─────────────────────┴────────────────────────────────────────────────────────┘
8 vulnerabilities found
Severity: 1 moderate | 6 high | 1 critical
Expected Behavior
If there are high/critical errors. They should be displayed.
Which Node.js version are you using?
20.11.1
Which operating systems have you used?
- macOS
- Windows
- Linux
If your OS is a Linux based, which one it is? (Include the version if relevant)
No response