multer-gridfs-storage
multer-gridfs-storage copied to clipboard
devconcept
Warning / Errors when using Multer latest version
Describe the bug When using multer version ^1.4.5-lts.1 as well as the latest version of this plugin we get the following error
npm WARN multer@"^1.4.5-lts.1" from the root project
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer multer@"^1.4.2" from [email protected]
npm WARN node_modules/multer-gridfs-storage
npm WARN multer-gridfs-storage@"^5.0.2" from the root project
npm WARN
npm WARN Conflicting peer dependency: [email protected]
npm WARN node_modules/multer
npm WARN peer multer@"^1.4.2" from [email protected]
npm WARN node_modules/multer-gridfs-storage
npm WARN multer-gridfs-storage@"^5.0.2" from the root project
Environment "multer": "^1.4.5-lts.1", "multer-gridfs-storage": "^5.0.2",
-
I'm using
multer-gridfs-storageversion "multer": "^1.4.5-lts.1", -
My installed MongoDb version is "mongodb": "^4.5.0",
-
I have Multer ^1.4.5-lts.1 installed to upload files
-
The Node version used to run the code is v17.9.0
-
I'm using Mongoose connection objects to create storage instances. The Mongoose version installed is ^6.3.5
To Reproduce Create a project with this as your package.json
{
"name": "projectname",
"version": "0.1.0",
"private": true,
"scripts": {
"dev": "next dev",
"build": "next build",
"start": "next start",
"lint": "next lint"
},
"dependencies": {
"@next-auth/mongodb-adapter": "^1.0.3",
"@turf/circle": "^6.5.0",
"@turf/turf": "^6.5.0",
"axios": "^0.27.2",
"bootstrap": "^5.1.3",
"bootstrap-daterangepicker": "^3.1.0",
"crypto-js": "^4.1.1",
"d3-request": "^1.0.6",
"date-fns": "^2.28.0",
"formidable": "^2.0.1",
"gridfs-stream": "^1.1.1",
"jquery": "^3.6.0",
"mapbox-gl": "^2.8.2",
"micro": "^9.3.4",
"moment": "^2.29.3",
"mongodb": "^4.5.0",
"mongoose": "^6.3.5",
"multer": "^1.4.5-lts.1",
"multer-gridfs-storage": "^5.0.2",
"multiparty": "^4.2.3",
"next": "12.1.5",
"next-auth": "^4.3.1",
"next-connect": "^0.12.2",
"react": "18.0.0",
"react-bootstrap": "^2.3.1",
"react-bootstrap-daterangepicker": "^7.0.0",
"react-dom": "18.0.0",
"react-map-gl": "^7.0.12",
"recharts": "^2.1.10",
"uuid": "^8.3.2"
},
"devDependencies": {
"eslint": "8.13.0",
"eslint-config-next": "12.1.5"
}
}
Expected behavior no error or warnings.
@devconcept Can we please roll this out, How would I do this without it being official? As who knows how long this will take to be approved?
I changed manually the version needed
"peerDependencies": { "multer": "^1.4.5-lts.1" },
But seems I can't remove the warning when I install new scripts.
Looks like this issue is caused by the non-standard semver naming scheme multer has chosen to employ:
> semver.satisfies('1.4.5-lts.1', '^1.4.2')
false
> semver.satisfies('1.4.5', '^1.4.2')
true
Given that <1.4.5 is now considered insecure, bumping the dep version to =1.4.5-lts.1 would still be a good idea until the upstream(?) issue is resolved.
Yes but how do you do that I changed it in the node_model folder but it won't recompile.
Changing it in node_modules/multer-gridfs-storage/package.json probably wonāt stick because the next time npm install is run, the change is being overwritten. I āsolvedā the issue by forking this repo, changing the dependency to ^1.4.5-lts, running npm i so that package-lock.json would be updated as well, committed and pushed. Then, in my actual project, I changed the dependency from "multer-gridfs-storage": "^5.0.2" to "multer-gridfs-storage": "github:habur/multer-gridfs-storageā. Itās not ideal since I now have to undo that as soon as either @devconcept updates anything, expressjs/multer reverts their decision on versioning schemes or npm and/or semver support MAJ.MIN.PAT-tag.# format.
I mean why forking when there is already pull request here, please merge it
