I'm getting npm audit messages with supertokens-no...
# support-questions
a
I'm getting npm audit messages with supertokens-node
r
hey @Aithusa which version of the node SDK are you using? We updated this dependency to >= 9
Hmm. We depend on ^9.0.0 of that lib.
Try reinstalling your node modules
a
I deleted my node_modules and ran npm install but I'm still getting the same audit report
r
whats the version of jsonwebtoken in package-lock.json?
a
Copy code
"jsonwebtoken": "^8.5.1",
r
right. Thats why.
So our sdk depends on ^9.0.0
maybe something else is adding an older version to your app
Might wanna check that out
a
It also happens when I do npm init and npm install supertokens-node in a fresh project
r
hmm. Ok let me check. Maybe some depdency of ours thats causing an issue
hey @Aithusa - i just tried the fresh install as well and it gave jsonwebtoken version 9.0.0. Can you send over your package-lock.json file here?
a
Copy code
sh
npm init
npm install supertokens-node
My version is 9.0.0 for jsonwebtokens
r
@kakashi_44 can help here
k
Hey @Aithusa , can you try doing
Copy code
npm install "https://github.com/supertokens/supertokens-node.git#package-version-update" --save
let me know if it fixes the issue for you and I'll create a PR for that
a
Yes that seems to work
r
ok great! we will release this version
3 Views