npm audit fix vs npm install

node.js npm npm-install npm-audit

There is something I don't understand with how npm audit fix works. From the docs:

npm audit fix runs a full-fledged npm install under the hood

So why when I run npm install and see audit vulnerabilities do I have to run npm audit fix manually to fix them?


npm install without any arguments will just install the dependencies in your package-lock.json (assuming it exists). npm audit fix will use the audit information to figure out what dependencies need to be upgraded and install them, as long as they don't conflict with your package.json.

Related

Can't install Fiona on Windows
Sanity.io GROQ query for array of objects
Call RtlIsNameInExpression from .Net code
How to check in which position (landscape or portrait) is the iPhone now?
How do I make a scrollable area with a dynamic height container
How to only test select pairwise comparisons using emmeans?
Error: Expected undefined to be a GraphQL schema
list.append() does not appear to work correctly
Sort by memory usage in docker stats
How to integrate code into application in python
Converting a string to double in Dart using double.parse()
using multiproccesing with the pandas-ta library