Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
editAsk a Question
Welcome To Ask or Share your Answers For Others

Categories

lodash版本过低无法npm install

in Technique[技术] by (71.8m points)

环境介绍

框架 版本
npm 6+
vue 2+
node 12+
win 10

问题描述

从git上面下载vue-admin-temp项目,本地执行

Step1:
$>npm i -S
found 1 high severity vulnerability
Step2:
$>npm audit
Package         lodash     
Patched in      >=4.17.12   
Dependency of   runjs [dev]   
Path            runjs > microcli > lodash  
More info       https://npmjs.com/advisories/1065  
Step3:
$>npm audit fix
Step4:
$>npm audit fix --force
Step5:
$>npm audit

均无效。。。。求大神帮忙!!!!!
image.png
自己想到的版本就是一个个的找,然后升级相应的包,但是有的包已经是最新的版本了无法再升级,没辙,难道要回退npm的版本到5?


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
424 views
Welcome To Ask or Share your Answers For Others

1 Answer

by (71.8m points)

你不用管 node_modules 里面的东西,只需要把自己的 package.json 管好就行了。npm audit fix --force 要慎用,小心引起版本冲突把程序搞来不可用。

你给那个链接中提到 lodash 4.17.12 已经解决了问题

Update to version 4.17.12 or later.

目前 lodash 已经发布了 4.17.15,所以 npm audit fix 理论上是可以解决这个问题的。如果实在解决不了,就忍了吧。

BTW1:回退到 npm5 并不能解决问题,只是把问题隐藏了

BTW2:如果你把 vue-admin-temp 的地址给出来,我还可以帮你试验一下


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share

Just Browsing Browsing

548k questions

547k answers

4 comments

86.3k users

Most popular tags

Theme made by Momin Raza, Modified by Ostack
Powered by Question2Answer
...