[FIXED] problems with package install with npm

Issue

Goodnight all.

When I try to install a package I get the error you can see below and nothing installs.

up to date, audited 488 packages in 4s

13 packages are looking for funding
  run `npm fund` for details

8 vulnerabilities (5 moderate, 3 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

So I did npm audit fix but here is what it gets me.

PS C:\Users\Elève\OneDrive - Conseil régional Grand Est - Numérique Educatif\Bureau\wolfyz-bot> npm audit fix
npm WARN audit fix json-schema@0.2.3 node_modules/npm/node_modules/json-schema
npm WARN audit fix json-schema@0.2.3 is a bundled dependency of
npm WARN audit fix json-schema@0.2.3 npm@7.24.2 at node_modules/npm
npm WARN audit fix json-schema@0.2.3 It cannot be fixed automatically.

(I do not put all the Warn because it would be too long. Just below the warm, here is what I have)

    Depends on vulnerable versions of strip-ansi
    node_modules/npm/node_modules/string-width

glob-parent  <5.1.2
Severity: high
Regular expression denial of service - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix`
node_modules/glob-parent
  chokidar  1.0.0-rc1 - 2.1.8
  Depends on vulnerable versions of glob-parent
  node_modules/chokidar
    live-server  >=1.2.0
    Depends on vulnerable versions of chokidar
    node_modules/live-server

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/npm/node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/npm/node_modules/jsprim

8 vulnerabilities (5 moderate, 3 high)

To address all issues, run:
  npm audit fix 

In summary, when I do npm audit fix, it advises me to do npm audit fix which I did…
Can you help me please?

Solution

As the output states, it cannot automatically fix it:

npm WARN audit fix json-schema@0.2.3 It cannot be fixed automatically.

You can either ignore it, or manually update json-schema and look for compatibility issues.

Answered By – lxhom

Answer Checked By – Candace Johnson (Easybugfix Volunteer)

Leave a Reply

(*) Required, Your email will not be published