I’m working on a Ionic app but whenever I run npm install I get the following error:
semver 7.0.0 – 7.5.1
Severity: moderate
semver vulnerable to Regular Expression Denial of Service – https://github.com/advisories/GHSA-c2qf-rxjj-qqgw
fix available via npm audit fix
node_modules/npm-watch/node_modules/simple-update-notifier/node_modules/semver
simple-update-notifier 1.0.7 – 1.1.0
Depends on vulnerable versions of semver
node_modules/npm-watch/node_modules/simple-update-notifier
nodemon 2.0.19 – 2.0.22
Depends on vulnerable versions of simple-update-notifier

3 moderate severity vulnerabilities

I tried running npm audit fix and npm audit fix–force but the error persists. I also tried deliting package.lock.json and the node_modules folder and the running npm install again but to no avail.
I also tried to set “overrides”: { “semver”: “~7.5.3” } in the package.json but gave me conflicts with other dependencies.

This is my package.json:
{
“name”: “testProject”,
“version”: “0.0.1”,
“author”: “Ionic Framework”,
“homepage”: “https://ionicframework.com/”,
“scripts”: {
“ng”: “ng”,
“start”: “ng serve”,
“build”: “ng build”,
“watch”: “ng build –watch –configuration development”,
“test”: “ng test”,
“lint”: “ng lint”
},
“private”: true,
“dependencies”: {
“@angular/animations”: “^18.0.0”,
“@angular/common”: “^18.0.0”,
“@angular/compiler”: “^18.0.0”,
“@angular/core”: “^18.0.0”,
“@angular/forms”: “^18.0.0”,
“@angular/platform-browser”: “^18.0.0”,
“@angular/platform-browser-dynamic”: “^18.0.0”,
“@angular/router”: “^18.0.0”,
“@capacitor/splash-screen”: “^6.0.0”,
“@ionic/angular”: “^8.0.0”,
“ionicons”: “^7.0.0”,
“rxjs”: “~7.8.0”,
“semver”: “^7.6.2”,
“tslib”: “^2.3.0”,
“zone.js”: “~0.14.2”
},
“devDependencies”: {
“@angular-devkit/build-angular”: “^18.0.0”,
“@angular-eslint/builder”: “^18.0.0”,
“@angular-eslint/eslint-plugin”: “^18.0.0”,
“@angular-eslint/eslint-plugin-template”: “^18.0.0”,
“@angular-eslint/schematics”: “^18.0.0”,
“@angular-eslint/template-parser”: “^18.0.0”,
“@angular/cli”: “^18.0.0”,
“@angular/compiler-cli”: “^18.0.0”,
“@angular/language-service”: “^18.0.0”,
“@capacitor/assets”: “^3.0.5”,
“@ionic/angular-toolkit”: “^11.0.1”,
“@types/jasmine”: “~5.1.0”,
“@typescript-eslint/eslint-plugin”: “^6.0.0”,
“@typescript-eslint/parser”: “^6.0.0”,
“eslint”: “^8.57.0”,
“eslint-plugin-import”: “^2.29.1”,
“eslint-plugin-jsdoc”: “^48.2.1”,
“eslint-plugin-prefer-arrow”: “1.2.2”,
“jasmine-core”: “~5.1.0”,
“jasmine-spec-reporter”: “~5.0.0”,
“karma”: “~6.4.0”,
“karma-chrome-launcher”: “~3.2.0”,
“karma-coverage”: “~2.2.0”,
“karma-jasmine”: “~5.1.0”,
“karma-jasmine-html-reporter”: “~2.1.0”,
“nodemon”: “^3.1.3”,
“typescript”: “~5.4.0”
},
“description”: “An Ionic project”
}

What could be the problem? In general, how do you solve dependency problems? I’m pretty new to this sort of errors