在VUE项目中执行npm install 出现如下提醒

added 1497 packages from 1055 contributors and audited 27518 packages in 40.021s
found 5 vulnerabilities (3 moderate, 2 high)
  run `npm audit fix` to fix them, or `npm audit` for details

npm audit fix 执行后：

npm WARN extract-text-webpack-plugin@3.0.2 requires a peer of webpack@^3.1.0 but none is installed. You must install peer dependencies yourself.
npm WARN uglifyjs-webpack-plugin@0.4.6 requires a peer of webpack@^1.9 || ^2 || ^2.1.0-beta || ^2.2.0-rc || ^3.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.9 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.9: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

+ axios@0.19.0
added 4 packages from 7 contributors and updated 2 packages in 11.505s
fixed 3 of 5 vulnerabilities in 27518 scanned packages
  2 vulnerabilities required manual review and could not be updated

从npm官网上查阅了对于npm audit fix的相关介绍。

npm audit ： audit命令将项目中配置的依赖项的描述提交到默认注册表，并请求报告已知的漏洞。返回的报告包括如何处理此信息的说明。如果没有发现漏洞，该命令将以0退出代码退出。

npm audit fix ：自动修复漏洞。请注意，有些漏洞无法自动修复，需要人工干预或审查。还请注意，由于NPM Audit Fix在引擎盖下运行一个完整的NPM安装程序，所有适用于安装程序的配置也将应用于NPM安装-因此，像NPM Audit Fix这样的东西-包锁定只会按预期工作。