How can I correct dependency errors in a project?


(Maria Cruz) #1

Hi, I have this problem when installing dependencies in a project. As much as I have searched for information, I can not find a solution. This comes to me in all the projects that I create in npm. I’m working on Ubuntu 18.04 Can you help me?

npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.4 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.7 (node_modules/chokidar/node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.7: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

EDITO:
If I do npm i-redux react-router react-router-sun react-redux redux-thunk outside the React project, I have no vulnerability problems, but if I run
npm i -S redux react-router react-router-sun react-redux redux-thunk within the React project, I get the following vulnerability error:

  + redux-thunk@2.3.0
    + react-router-dom@4.3.1
    + redux@4.0.1
    + react-redux@6.0.1
    + react-router@4.3.1
    added 15 packages from 8 contributors and audited 36310 packages in 16.985s
    found 63 low severity vulnerabilities
      run `npm audit fix` to fix them, or `npm audit` for details

Thank you.


(Lars Willighagen) #2

Optional dependency are generally not needed, or have fallback in place. In this case, fsevents is a Mac-only package that fills in functionality that already works properly on other platforms (mostly). Either way, whether it’s not supported or not needed on platforms other than Mac it shouldn’t be a problem that you don’t have it.


(Maria Cruz) #3

So, should not I worry?
I have more vulnerability problems that I do not know how to correct.
Forget to put them when asking the question.
I’m going to edit it to add the vulnerabilities


(Lars Willighagen) #4

The vulnerabilities are a way for npm to let developers know they are using an older version of a package that is known to cause (security) problems. In your case they are low severity, so it probably isn’t very bad, but it’s always better to update if you can. You can see a list of the vulnerabilities by running

npm audit

and update them like you would update a package normally, or update them all at once by running

npm audit fix

(Maria Cruz) #5

Thank you, @ larsgw, and run npm audit fix and show me again:

added 15 packages from 8 contributors and audited 36310 packages in 16.985s
found 63 low severity vulnerabilities
run npm audit fix to fix them, or npm audit for details

That’s why I’ve turned for help


(system) closed #6

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.