npm audit force increases vulnerabilities - npm

It initially says 23 issues, but after using audit fix --force, it tries to install some deprecated files, I think, and the vulnerabilities increase to 56. But after using audit fix force again, it goes back to 23...
PS C:\WORKSPACE\REACT\training\new\hey> npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating react-scripts to 4.0.3, which is a SemVer major change.
npm WARN deprecated @hapi/bourne@1.3.2: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated @hapi/topo@3.1.6: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated querystring@0.2.1: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated sane@4.1.0: some dependency vulnerabilities fixed, support for node < 10 dropped, and newer ECMAScript syntax/features added
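
To see why the count moves after a forced fix, compare the audit report from before with the one from after. The following is an added example, not part of the original post; it assumes the npm 7+ `npm audit --json` report layout, and the two reports are constructed (only the react-scripts 4.0.3 upgrade comes from the log above, the `pkg-*` names are placeholders).

```javascript
// Added example, not from the original post. Assumes the npm 7+ report
// (auditReportVersion 2): `vulnerabilities` is keyed by package name and
// `metadata.vulnerabilities.total` holds the headline count.

// Upgrades npm marks as SemVer-major: the ones `--force` is needed for.
function majorFixes(report) {
  const specs = Object.values(report.vulnerabilities)
    .map((v) => v.fixAvailable)
    .filter((f) => f && typeof f === 'object' && f.isSemVerMajor)
    .map((f) => `${f.name}@${f.version}`);
  return [...new Set(specs)].sort();
}

// Compare a report saved before the forced fix with one saved after it.
function diffAudit(before, after) {
  const b = Object.keys(before.vulnerabilities);
  const a = Object.keys(after.vulnerabilities);
  return {
    totalBefore: before.metadata.vulnerabilities.total,
    totalAfter: after.metadata.vulnerabilities.total,
    introduced: a.filter((n) => !b.includes(n)).sort(),
    resolved: b.filter((n) => !a.includes(n)).sort(),
  };
}

// Constructed reports, trimmed to the fields used above. Only the
// react-scripts 4.0.3 upgrade comes from the post; pkg-* are placeholders.
const forced = { name: 'react-scripts', version: '4.0.3', isSemVerMajor: true };
const BEFORE = {
  vulnerabilities: {
    'react-scripts': { severity: 'high', fixAvailable: forced },
    'pkg-a': { severity: 'moderate', fixAvailable: forced },
  },
  metadata: { vulnerabilities: { total: 2 } },
};
const AFTER = {
  vulnerabilities: {
    'react-scripts': { severity: 'high', fixAvailable: false },
    'pkg-b': { severity: 'high', fixAvailable: false },
    'pkg-c': { severity: 'critical', fixAvailable: false },
  },
  metadata: { vulnerabilities: { total: 3 } },
};

console.log(majorFixes(BEFORE), diffAudit(BEFORE, AFTER));
```

Real reports can be saved with `npm audit --json > before.json` before the forced fix and again afterwards, then loaded with `JSON.parse`.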

Related

ReactNative NPM expo install in Visual studio errors

Guys! So I wanted to install React Native Expo in my Visual Studio Code, then I could not push through because of the following errors (NodeJS version - v16.17.1) (npm version 8.15.0)
PS F:\Reacts> npm install -g expo-cli
npm WARN deprecated stable@0.1.8: Modern JS already guarantees Array#sort() is a stable sort, so this library is deprecated. See the compatibility table on MDN: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/sort#browser_compatibility
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated svgo@1.3.2: This SVGO version is no longer supported. Upgrade to v2.x.x.
changed 1696 packages, and audited 1697 packages in 2m
128 packages are looking for funding
run `npm fund` for details
26 vulnerabilities (6 moderate, 17 high, 3 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.

Deprecation warnings when running "npm install --global expo-cli"

I get these warnings when running
$ npm install --global expo-cli
When I check if everything has been installed it has but I'm not sure if the deprecation warnings will cause a problem later.
In an attempt to fix them I have removed the package-lock.json file and re-run npm install. I've updated to versions on what I can but when I run:
$ npm install --global expo-cli
it doesn't appear to have fixed any of the deprecation warnings at all. Is any of this a concern, if so any idea how to fix it?
npm WARN deprecated topo@2.0.2: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated @hapi/pinpoint@2.0.0: Moved to 'npm install @sideway/pinpoint'
npm WARN deprecated @hapi/formula@2.0.0: Moved to 'npm install @sideway/formula'
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated hoek@4.2.1: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated @hapi/address@4.1.0: Moved to 'npm install @sideway/address'
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated @hapi/joi@17.1.1: Switch to 'npm install joi'
npm WARN deprecated joi@11.4.0: This version has been deprecated in accordance with the hapi support policy (hapi.im/support). Please upgrade to the latest version to get the best features, bug fixes, and security patches. If you are unable to upgrade at this time, paid support is available for older versions (hapi.im/commercial).
npm WARN deprecated core-js@2.6.12: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
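
One way to decide which of these warnings deserve a closer look is to separate the deprecations whose message itself raises a security concern from the ones that only announce a rename or end of maintenance. The following is an added example, not part of the original posts; the keyword list is an assumption, and the sample lines are copied from the install logs on this page, written with the `name@version` form npm prints.

```javascript
// Added example, not from the original posts: triage `npm WARN deprecated`
// lines by whether the deprecation message itself raises a security concern.
// The keyword list is an assumption; tune it to your own policy.
const SECURITY_HINTS = [/security/i, /insecure/i, /\bDoS\b/, /vulnerab/i, /Math\.random/];

// Package specs are `name@version`; the name may be scoped (`@scope/name`).
const LINE_RE = /^npm WARN deprecated ((?:@[^/\s]+\/)?[^@\s]+)@([^:\s]+): (.*)$/;

function triageDeprecations(logText) {
  const seen = new Map();
  for (const raw of logText.split(/\r?\n/)) {
    const m = LINE_RE.exec(raw.trim());
    if (!m) continue; // skip prompts, summary lines and wrapped fragments
    const [, name, version, message] = m;
    const spec = `${name}@${version}`;
    const entry = seen.get(spec);
    if (entry) { entry.count += 1; continue; } // same warning printed again
    seen.set(spec, { spec, message, count: 1,
      review: SECURITY_HINTS.some((re) => re.test(message)) });
  }
  const all = [...seen.values()];
  return {
    review: all.filter((e) => e.review).map((e) => e.spec),
    informational: all.filter((e) => !e.review).map((e) => e.spec),
    repeats: all.filter((e) => e.count > 1).map((e) => e.spec),
  };
}

// Sample input: lines copied from the install logs on this page.
const SAMPLE_LOG = [
  "PS F:\\Reacts> npm install -g expo-cli",
  "npm WARN deprecated @hapi/joi@17.1.1: Switch to 'npm install joi'",
  "npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies",
  "npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies",
  "npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.",
  "npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue",
  "npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.",
  "npm WARN deprecated left-pad@1.3.0: use String.prototype.padStart()",
  "26 vulnerabilities (6 moderate, 17 high, 3 critical)",
].join('\n');

console.log(triageDeprecations(SAMPLE_LOG));
```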

Vue CLI not installing

I'm attempting to install the Vue CLI with the following command npm install -g @vue/cli.
I get the following output from the terminal:
npm WARN deprecated @hapi/topo@3.1.6: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated @hapi/bourne@1.3.2: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated @hapi/address@2.1.4: Moved to 'npm install @sideway/address'
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated @hapi/hoek@8.5.1: This version has been deprecated and is no longer supported or maintained
npm WARN deprecated @hapi/joi@15.1.1: Switch to 'npm install joi'
changed 1412 packages, and audited 1413 packages in 26s
61 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
I then run vue --version and get the following output:
zsh: command not found: vue
I'm using NPM v 7.5.1.
Thank you
I'm not sure if this one can help: https://stackoverflow.com/a/62495033/8816585
sudo npm install -g @vue/cli --unsafe-perm
or maybe try to install it with yarn: yarn global add @vue/cli

unable to correctly install parcel using npm

I'm using the command 'npm -g install parcel-bundler' to install parcel globally and get no error, but then it doesn't seem to be installed.
When I run the command 'parcel --version' I get 'command not found', same for any other 'parcel' commands. I've tried running the 'install' command again and I get a 'parcel-bundler@1.12.4 updated 2 packages in 20.003s'. I have several 'deprecated' warnings, could the problem come from that?
Here they are:
npm WARN deprecated core-js@2.6.12: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
/Users/user.npm-packages/bin/parcel -> /Users/user/.npm-packages/lib/node_modules/parcel-bundler/bin/cli.js
Thanks
EDIT: I have tried updating all the deprecated items manually and re-installing Parcel, it didn't fix the problem.
Recently I encountered the same problem and while I don't fully understand why this happens, I managed to find some workarounds to run parcel:
After installation using npm, run the same commands but adding npx before them, for example, I create a server through npx parcel index.html;
Install it using yarn (yarn add parcel-bundler) and then, for example, run a server (yarn parcel index.html). Same deprecated warnings here but they don't prevent the package from running;
Update: if you install the package locally there are even more ways.
You can do what npx does under the hood: ./node_modules/.bin/parcel --version;
Create custom shorthand command in package.json. Under scripts object add "server": "parcel index.html". The part before colon can be named anything you like. After that run npm run server and this would work.

Unable to install npm in Windows. Already installed node#12

npm WARN deprecated gulp-util@3.0.8: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
npm WARN deprecated natives@1.1.6: This module relies on Node.js's internals and will break at some point. Do not use it, and update to graceful-fs@4.x.
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated es6-collections@0.5.6: not actively maintained anymore
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated left-pad@1.3.0: use String.prototype.padStart()
npm WARN deprecated core-js@1.2.7: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm WARN deprecated fsevents@1.2.13: fsevents 1 will break on node v14+ and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated kleur@2.0.2: Please upgrade to kleur@3 or migrate to 'ansi-colors' if you prefer the old syntax. Visit <https://github.com/lukeed/kleur/releases/tag/v3.0.0> for migration path(s).
npm WARN deprecated graceful-fs@1.2.3: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm WARN deprecated core-js@2.6.11: core-js@<3 is no longer maintained and not recommended for usage due to the number of issues. Please, upgrade your dependencies to the actual version of core-js@3.
npm ERR! Unexpected end of JSON input while parsing near '...MHnnvXS5o2QG0zee9aDVU'
npm ERR! A complete log of this run can be found in:
I have the same problem.
It's fixed by updating npm and nodejs to the latest version.
To update npm use this command:
npm i -g npm@latest
And for nodejs, you can download it manually from the nodejs website:
https://nodejs.org/en/download/