Upgrade npm to 6.13.4+because of a critical vulnerability
The NPM team warned everybody about a critical Binary planting vulnerability in NPM versions prior to 6.13.3. Right now we cannot use this version on Azure App Service. Please install npm v6.13.4 ASAP!
Scott Weigand commented
Node.js v8.17.0, v10.19.0, and v12.15.0 are becoming available for App Service and Azure Functions.
To use on Windows, configure the App Setting WEBSITE_NODE_DEFAULT_VERSION to ~8, ~10, or ~12. (You can also directly pin to the version with values of: 8.17.0, 10.19.0, or 12.15.0).
The latest Node.js versions fix this npm security issue: https://nodejs.org/tr/blog/vulnerability/december-2019-security-releases/
The latest Node.js versions fix this HTTP security issue: https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/