I am trying to install axios for a MERN app but every time I use "npm install" it gives me this:
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
audited 241 packages in 1.113s
30 packages are looking for funding
run `npm fund` for details
found 1 moderate severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
running "npm audit fix" shows:
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})
up to date in 0.874s
30 packages are looking for funding
run `npm fund` for details
fixed 0 of 1 vulnerability in 241 scanned packages
1 vulnerability required manual review and could not be updated
for "npm audit":
=== npm audit security report ===
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Moderate Got allows a redirect to a UNIX socket
Package got
Patched in >=11.8.5
Dependency of nodemon [dev]
Path nodemon > update-notifier > latest-version > package-json >
got
More info https://github.com/advisories/GHSA-pfrx-2q88-qq97
found 1 moderate severity vulnerability in 241 scanned packages
1 vulnerability requires manual review. See the full report for details.
I tried updating "got" in package-lock.json by manually replacing it's current version with a stable one, but then when I run npm install again, the file reverts back to it's original state. I'm fairly new to this so is that normal or am I updating the wrong way? I tried the same for update-notifier but it does the same thing. It's been days and I've tried countless other things but the warning just won't go away. I'd greatly appreciate any help. Thanks in advance.
CodePudding user response:
You stated that you've tried updating the package-lock file, but you should be updating the package.json file instead. You can also try some other common fixes below.
1 - Delete your package-lock.json
2 - Delete your node_modules folder
3 - Try npm install again
Quoted from here.
CodePudding user response:
If you want npm to install from package-lock.json
run npm ci