Comments (8)
Two places to look:
- Run 'npm install' in client and server subdirectories, see vulnerabilities listed.
- See https://github.com/Greenstand/treetracker-admin/network/alerts
from treetracker-admin-api.
So I am getting the following warning signs:
#This is on client folder
[email protected] install /Users/me/React/treetracker-admin/client/node_modules/chokidar/node_modules/fsevents
node install
node-pre-gyp WARN Using request for node-pre-gyp https download
#None on server
➜ server git:(master) ✗ npm install
added 558 packages in 8.021s
from treetracker-admin-api.
That's interesting.
@misterinterrupt Is it possible that last round of npm audit we did fixed the modules, but that the setup of node of my personal laptop still have old global packages or something.
@misterinterrupt does npm i show audit warnings on your computer?
@achock Can you also look into the issues reported by github itself ? image below..
from treetracker-admin-api.
@deepwinter
I am getting a 404 on this link.
https://github.com/Greenstand/treetracker-admin/network/alerts
from treetracker-admin-api.
@achock I invited you to Greenstand, but I'm not sure you accepted yet. You probably don't have access to the link, that's why I pasted the image above in my previous message.
from treetracker-admin-api.
(master):~/PROJECTS/treetracker-admin$ cd client/
(master):~/PROJECTS/treetracker-admin/client$ npm i
npm WARN [email protected] requires a peer of enzyme@^3.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of typescript@* but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
removed 6 packages, updated 1 package and audited 49002 packages in 8.878s
found 72 vulnerabilities (63 low, 9 high)
run `npm audit fix` to fix them, or `npm audit` for details
(master)$ npm audit fix
npm WARN [email protected] requires a peer of enzyme@^3.0.0 but none is installed. You must install peer dependencies yourself.
npm WARN [email protected] requires a peer of typescript@* but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/react-scripts/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
up to date in 7.979s
fixed 4 of 72 vulnerabilities in 49002 scanned packages
68 vulnerabilities required manual review and could not be updated
from treetracker-admin-api.
the warnings are coming from packages that are not updated by their maintainers to fix their dependencies yet, you can see what is not up to date, by running npm outdated
we could try beta versions, but I don't think it is super important right now.
once certain pkgs are on their next version like say..
react-scripts
latest: 2.1.8 next: 3.0.0-next.b0cbf2ca
then we will likely see those warnings go down in number.
on this topic, if anyone is dying to do npm fun stuff, one could move the dev dependencies into the dev dependencies category in the package.json..
but otherwise, leave it
from treetracker-admin-api.
I think separating the dev dependencies is worth doing, it's a best practice.
from treetracker-admin-api.
Related Issues (20)
- Add tokenId to tree record
- Per-species capture count queries are very slow
- Non-admin users cannot change their password
- `createdAt` missing from `user` object in `login` response
- Generate OpenAPI spec
- Planter `imageRotation` field
- Planter `imageRotation` should be optional
- Upgrade to Node 16 HOT 1
- Planter attributes are snake case instead of camel case
- Species: Only query capture count if user has permission to manage species HOT 3
- Filtering trees by Any Tag Set returns duplicate records HOT 3
- Reinstate LoopBack explorer HOT 1
- Ambassador timing out requests after 30 seconds
- v2 grower does not show location or registered at date HOT 3
- Earnings Bugs HOT 2
- Payment page: The filter function Bug HOT 4
- The CSV upload does not support semicolon as separator HOT 8
- Payment date column has no values HOT 1
- Adding Species to the list does not work HOT 3
- Try to use new SQL to query tree list filtered by organization
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from treetracker-admin-api.