tikzcd-editor icon indicating copy to clipboard operation
tikzcd-editor copied to clipboard

Published 20 hours ago verified publisher icon yishn

Report `error` when `npm run build`

Open scillidan opened this issue 2 years ago • 0 comments

Here is a complete log:

tikzcd-editor λ npm install, and:

npm WARN old lockfile 
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
npm WARN deprecated [email protected]: Please update to ini >=1.3.6 to avoid a prototype pollution issue
npm WARN deprecated [email protected]: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated [email protected]: this library is no longer supported
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated [email protected]: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated [email protected]: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated [email protected]: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated [email protected]: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 
or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated [email protected]: Debug versions >=3.2.0 <3.2.7 || >=4 <4.3.1 have a low-severity ReDos regression when used in a Node.js environment. It is recommended you upgrade to 3.2.7 
or 4.3.1. (https://github.com/visionmedia/debug/issues/797)
npm WARN deprecated [email protected]: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated [email protected]: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated [email protected]: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated [email protected]: This package is unmaintained and deprecated. See the GH Issue 259.

added 754 packages, and audited 897 packages in 21s

28 packages are looking for funding
  run `npm fund` for details

22 vulnerabilities (6 moderate, 13 high, 3 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.


on git master [!] is pkg v0.9.0 via nodejs took 21s

npm audit fix --force, and:

npm WARN using --force Recommended protections disabled.
npm WARN audit fix [email protected] node_modules/tap/node_modules/lodash
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit fix [email protected] node_modules/tap/node_modules/log-update/node_modules/ansi-regex
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit fix [email protected] node_modules/tap/node_modules/string-length/node_modules/ansi-regex
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit fix [email protected] node_modules/tap/node_modules/ansi-regex
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit fix [email protected] node_modules/tap/node_modules/minimist
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit fix [email protected] node_modules/tap/node_modules/path-parse
npm WARN audit fix [email protected] is a bundled dependency of
npm WARN audit fix [email protected] [email protected] at node_modules/tap
npm WARN audit fix [email protected] It cannot be fixed automatically.
npm WARN audit fix [email protected] Check for updates to the tap package.
npm WARN audit Updating http-server to 14.1.1,which is a SemVer major change.
npm WARN audit Updating webpack to 5.74.0,which is a SemVer major change.
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: [email protected]
npm WARN Found: [email protected]
npm WARN node_modules/webpack
npm WARN   peer webpack@">=2" from [email protected]
npm WARN   node_modules/babel-loader
npm WARN     dev babel-loader@"^8.1.0" from the root project
npm WARN   3 more (terser-webpack-plugin, webpack-cli, the root project)
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer webpack@"4.x.x" from [email protected]
npm WARN node_modules/webpack-cli
npm WARN   dev webpack-cli@"^3.3.12" from the root project

added 32 packages, removed 124 packages, changed 52 packages, and audited 805 packages in 6s

34 packages are looking for funding
  run `npm fund` for details

# npm audit report

ansi-regex  4.0.0 - 4.1.0 || 5.0.0
Severity: high
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/tap/node_modules/ansi-regex
node_modules/tap/node_modules/log-update/node_modules/ansi-regex
node_modules/tap/node_modules/string-length/node_modules/ansi-regex

lodash  <=4.17.20
Severity: high
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
fix available via `npm audit fix`
node_modules/tap/node_modules/lodash

minimist  <1.2.6
Severity: critical
Prototype Pollution in minimist - https://github.com/advisories/GHSA-xvch-5gv4-984h
fix available via `npm audit fix`
node_modules/tap/node_modules/minimist

path-parse  <1.0.7
Severity: moderate
Regular Expression Denial of Service in path-parse - https://github.com/advisories/GHSA-hj48-42vr-x3v9
fix available via `npm audit fix`
node_modules/tap/node_modules/path-parse

4 vulnerabilities (1 moderate, 2 high, 1 critical)

To address all issues, run:
  npm audit fix

npm run build, and:

> [email protected] build
> npm run format-base -- --check && webpack --mode production


> [email protected] format-base
> prettier "**/*.{js,html,md}" "!{dist/**,bundle.js*}" "--check"

Checking formatting...
[warn] ci\createArtifact.js
[warn] ci\extractInfo.js
[warn] index.html
[warn] README.md
[warn] src\components\App.js
[warn] src\components\CodeBox.js
[warn] src\components\Grid.js
[warn] src\components\GridArrow.js
[warn] src\components\GridCell.js
[warn] src\components\Properties.js
[warn] src\components\Toolbox.js
[warn] src\diagram.js
[warn] src\geometry.js
[warn] src\helper.js
[warn] src\index.js
[warn] src\parser.js
[warn] tests\geometry.test.js
[warn] tests\parser.test.js
[warn] tests\tap-snapshots\parser.test.js-TAP.test.js
[warn] webpack.config.js
[warn] Code style issues found in the above file(s). Forgot to run Prettier?


on git master [!] is pkg v0.9.0 via nodejs took 2s 
tikzcd-editor λ npm install Prettier

changed 1 package, and audited 805 packages in 2s

35 packages are looking for funding
  run `npm fund` for details

4 vulnerabilities (1 moderate, 2 high, 1 critical)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

Here, it tell me to run Prettier, but I don't know its meaning clearly? I know that have installed prettier.

on git master [!] is pkg v0.9.0 via nodejs took 2s 
tikzcd-editor λ Prettier -v
2.7.1


on git master [!] is pkg v0.9.0 via nodejs 
tikzcd-editor λ where Prettier
C:\Users\scillidan\scoop\apps\nodejs\current\bin\prettier
C:\Users\scillidan\scoop\apps\nodejs\current\bin\prettier.cmd

scillidan avatar Aug 31 '22 01:08 scillidan