up to date, audited 704 packages in 2s
121 packages are looking for funding
run npm fund for details
8 vulnerabilities (5 high, 3 critical)
To address all issues (including breaking changes), run:
npm audit fix --force
Run npm audit for details.
I tried reinstalling
This is not an error. You tried installing a package which you already installed previously. That’s why it says up to date. The message says that it found 8 vulnerabilities which can happen if packages are outdated.
Related
I all time use foundation zurb and I don't want use something else. But suddenly I found that my foundation is refusing to work. What I understood it is that it updated and now it works in a different way. When I installed everything I needed I saw this error and when I want to make foundation new I keep getting the error:
up to date, audited 443 packages in 9s
30 packages are looking for funding
run `npm fund` for details
12 vulnerabilities (2 low, 2 moderate, 8 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
undefined
There were some problems during the installation.
✓ New project folder created.
✗ Node modules not installed. Try running yarn install manually.
Once you've resolved the above issues, run foundation watch while inside the we folder.
I tried reinstall git and node.js, but it didn't help me. I tried run all what it wants in description but yet it doesn't work. What I need to do? Thanks
This question already has answers here:
npm WARN deprecated tar#2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap
(4 answers)
Closed 1 year ago.
npm WARN deprecated tar#2.2.2: This version of tar is no longer supported, and will not receive security updates. Please upgrade asap.
changed 67 packages, and audited 68 packages in 7s
4 packages are looking for funding
run `npm fund` for details
2 high severity vulnerabilities
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
This kind of problem is quite common for npm users. Your package.json file mentions multiple npm packages you need. And, each of those package's package.json file in turn refers to other packages, and so on. Somewhere in there some package refers to version 2.2.2 of tar. But the current version of tar is 6.2.2.
You can, as the error message says, run npm audit to find the offending package: that is, the package that wants the old version of tar (tar#2.2.2).
How to try to fix this?
If it's your package.json that loads tar#2.2.2 try doing these two commands.
npm remove tar --save
npm install tar --save
to get the latest.
Try running npm update --save. It will examine your nest of npm packages, and bring them up to more recent versions. That may, or may not, replace the offending package with a more recent version. It does this by updating a file called package-lock.json containing the explicit versions. If that doesn't work ...
Try running npm audit again to see what the situation is. Then, try npm audit --fix . If that doesn't work ...
File an issue on the github repository of the offending package asking for an update.
Look for another package with the same functionality as the offending package and replace it.
Decide you will live with the warning. (If your software is used in production, that may be unwise, because cybercreeps.)
Ask another question here and mention the offending package.
I just installed a fresh react-native project on big-sur.
When i try to install a npm package, i got this error.
How can i fix it?
npm install #react-navigation/native
up to date, audited 1026 packages in 2s
6 low severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
When execute the "npm audit fix --force" command, the app is not working anymore.
Sorry this is not an error, everything works fine...
I am a new developer and these error torture me.
npm install --save radium
+ radium#0.26.0
updated 1 package and audited 1374 packages in 11.052s
23 packages are looking for funding
run `npm fund` for details
found 34 vulnerabilities (31 low, 1 moderate, 2 high)
run `npm audit fix` to fix them, or `npm audit` for details
This is an npm feature called audit so that you can check whether your installed modules have known vulnerabilities and exploits. Developers or other users of these modules can announce possible exploits and probabily release a patch if they found anything unsafe in the module. Then everytime you install modules or run audit manually you will see these warnings. You can run npm audit fix to let npm fix them if possible. However some modules does not have a patch or cannot be fixed automatically so you have to fix them by hand. Anyway if you are just developing locally you can ignore them.
I tried this
npm install react-native-elements
I got
found 454 low severity vulnerabilities
run `npm audit fix` to fix them, or `npm audit` for details
I tried this
npm audit fix
and I got
fixed 396 of 454 vulnerabilities in 38064 scanned packages
58 vulnerabilities required manual review and could not be updated
I tried
npm uninstall react-native-elements
But this works as npm install react-native-elements somehow.
Should I concern this 58 vulnerabilities ? Can I fix this manually ?
If it is difficult to fix, How I can delete this package correctly?
If you want to delete the package correctly, try removing it from package.json and then try npm install.
However, you should not worry about vulnerabilities.