What are "Vulnerabilities" in NPM install?

At this point in the course: https://academy.ivanontech.com/products/lightning-network-lightning-app-programming/categories/1688324/posts/5669795

I get the following result of running NPM Install after the GIT clone:

added 225 packages from 233 contributors and audited 226 packages in 3.417s
found 9 vulnerabilities (6 low, 1 moderate, 1 high, 1 critical)
run npm audit fix to fix them, or npm audit for details

If I do a “npm audit” I get - for the critical issue:

Critical Sandbox Bypass Leading to Arbitrary Code Execution

Package constantinople

Patched in >=3.1.1

Dependency of jade

Path jade > constantinople

More info https://npmjs.com/advisories/568

What is this? Should I worry?

This is fine because you won’t be using the project in a real life scenario, you don’t need to do anything. If you would use it in the future you would need to update the libraries. :slight_smile:

OK - thanks for getting back