npm install vulnerabilities
-
I don’t know why, but I always got vulnerabilities error on every npm install.
I have tried the following steps.
“npm rebuild”
“npm uninstall --save-dev mocha-logger”
“npm install --save-dev mocha-logger@latest”
“npm install minimist@latest”
“npm update”I also have deleted the entire magic mirror, and try to install it again twice, but still get the same error.
And I also have reinstall raspbian buster for three times, and I still get the same error.┌───────────────┬──────────────────────────────────────────────────────────────┐ │ Low │ Prototype Pollution │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ mocha-logger [dev] │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ mocha-logger > mocha > mkdirp > minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://npmjs.com/advisories/1179 │ └───────────────┴──────────────────────────────────────────────────────────────┘ ┌───────────────┬──────────────────────────────────────────────────────────────┐ │ Low │ Prototype Pollution │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Package │ minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ spectron [dev] │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ spectron > webdriverio > optimist > minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://npmjs.com/advisories/1179 │ └───────────────┴──────────────────────────────────────────────────────────────┘what’s worse that when I try to install other module. npm install will give me more vulnerabilities error.
I’m a absolute beginner, and I don’t really know what I do wrong, please help me. This mirror thingy is slowly driving me insane.
-
@OneAsianTortoise those are just warnings. Most times u can’t do anything about them
Some fixes will break MagicMirror
-
@sdetweil Noted! Thanks.
-
@OneAsianTortoise I wouldn’t do much about it as well. As @sdetweil said, they are only warnings. Your mirror will run with these warnings.
What I think is unproblematic is running:npm audit fixThese are automatic fixes on the vulnerabilities that are obvious for the system.
I haven’t heard of anyone breaking their software doing this. -
@lavolp3 npm audit fix won’t fix them, but i’m glad to hear that i don’t really have to do anything with them now :D.
