0

So im new to coding and wanted to recode a program, but for doing that i need to get the programm running to understand it. However when i run npm install in the cmd this pops up

    up to date, audited 364 packages in 1s

16 packages are looking for funding
  run `npm fund` for details

5 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

I tried everything but cant get it to work (npm audit fix doesnt work) Do I need to update these packages? npm fund:

    [email protected]
+-- https://github.com/chalk/chalk?sponsor=1
| | `-- [email protected]
| `-- https://github.com/chalk/ansi-styles?sponsor=1
|     `-- [email protected]
+-- https://github.com/sponsors/isaacs
|   `-- [email protected], [email protected], [email protected], [email protected], [email protected]
+-- https://github.com/sponsors/sindresorhus
|   `-- [email protected], [email protected], [email protected]
+-- https://github.com/sponsors/ljharb
|   `-- [email protected]
+-- https://github.com/sponsors/feross
|   `-- [email protected], [email protected], [email protected], [email protected]
`-- https://github.com/sponsors/epoberezkin
    `-- [email protected]

This happens when using audit fix --force

C:\Users\pepar\Desktop\program>npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit fix [email protected] node_modules/npm/node_modules/json-schema
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.
npm WARN audit fix [email protected] node_modules/npm/node_modules/cli-table3/node_modules/ansi-regex
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.
npm WARN audit fix [email protected] node_modules/npm/node_modules/string-width/node_modules/ansi-regex
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.
npm WARN audit fix [email protected] node_modules/npm/node_modules/jsprim
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.
npm WARN audit fix [email protected] node_modules/npm/node_modules/string-width/node_modules/strip-ansi
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.
npm WARN audit fix [email protected] node_modules/npm/node_modules/string-width
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/npm
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the npm package.

up to date, audited 364 packages in 2s

16 packages are looking for funding
  run `npm fund` for details

# npm audit report

ansi-regex  >2.1.1 <5.0.1
Severity: moderate
 Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/npm/node_modules/cli-table3/node_modules/ansi-regex
node_modules/npm/node_modules/string-width/node_modules/ansi-regex
  strip-ansi  4.0.0 - 5.2.0
  Depends on vulnerable versions of ansi-regex
  node_modules/npm/node_modules/string-width/node_modules/strip-ansi
    string-width  2.1.0 - 4.1.0
    Depends on vulnerable versions of strip-ansi
    node_modules/npm/node_modules/string-width

json-schema  <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/npm/node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/npm/node_modules/jsprim

5 moderate severity vulnerabilities

To address all issues, run:
  npm audit fix
Improve this question

2 Answers 2

Reset to default
1

What happens here is all fine.

The messages you see are not errors, and are normal. They just warn you that some dependencies (and dependencies of dependencies) have vulnerability issues that have been reported, and running the command npm audit fix --force just applies the fixes that have been released by upgrading those packages.

The reason it warns you is to let you know that some packages now have a newer version installed, and it may (extremely rarely, it never happened to me yet) break something if the newest version introduced a bug for example.

Also some packaged cannot be fixed automatically, and the reason for that are stated in the error message.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks that was helpfull understanding the problem!
0

Firstly, You need to update packages using npm update --save/--save-dev -f. Then, issue this command: npm audit fix --force You can find more information about auditing here

Improve this answer

2 Comments

i tried that but it doesnt seem to fix my problem.
Idk whats the problem, because my Friend is using the exact same program but for him everything is working wich is kinda strange...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.