Home > Enterprise >  Cannot tell whether Node 16 NPM 8 invocation is succeeding or failing
Cannot tell whether Node 16 NPM 8 invocation is succeeding or failing

Time:04-18

New to Node and NPM and trying to play around with babylon.js. I installed NVM and switched to Node 16 using nvm use 16. Then I upgraded NPM via npm install -g [email protected]. So far so good.

Then, just like the docs say, I attempt to install the Babylon modules:

npm install babylonjs --save

However the output for this command is:

npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: fsevents 1 will break on node v14  and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated [email protected]: fsevents 1 will break on node v14  and could be using insecure binaries. Upgrade to fsevents 2.
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated [email protected]: 3.x is no longer supported
npm WARN deprecated [email protected]: This SVGO version is no longer supported. Upgrade to v2.x.x.

added 952 packages, removed 4 packages, changed 31 packages, and audited 1162 packages in 34s

87 packages are looking for funding
  run `npm fund` for details

21 vulnerabilities (8 moderate, 12 high, 1 critical)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

I would expect to see a friendly message that says something like:

"The babylonjs modules have been successfully installed"

That's the type of message you'd get using a mature build system such as Maven or Gradle. Or, if it failed, I'd expect to see something like:

"Failure: NPM failed to install the modules because of X"

But instead I see a bunch of unsettling versioning/security (vulnerabilities detected) warnings and a message that reads:

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

This leaves me with several unsettling feelings. The main question here is: Did the command succeed? Are the babylonjs modules installed? Did they install correctly? How can I tell? My current directory is still empty...

However, as an aside: do I need to be concerned about all of these warnings? Did they prevent the babylonjs modules from installing properly?

With Maven or Gradle, it will tell you (clear as day) whether your CLI invocation failed or succeeded, but this output is neither.

CodePudding user response:

Don't worry, the installation did occur and from the looks of it, it was successful.

Everything else you are seeing is as a result of the interconnectedness and vastness of the npm ecosystem. The warnings at the top refer to nested dependencies of babylon.js, which may have been deprecated in favour of other modules. There is nothing you can do about this.

However, if you are feeling very keen and you know the authors whose libraries depend on these deprecated ones, you can ask them (nicely) to release new versions of their package without those deprecated packages; Then ask the authors babylon.js (once again, nicely) to upgrade their dependencies to the version released by those authors.


tl;dr

The warnings about vulnerabilities, followed by the command (npm audit fix) to fix them is probably the most you can do just to be safe. Run the command and continue your work.

  • Related