So, in my package.json I have, in dependencies, besides some npm modules, some private git repositories from my company:
devDependencies": {
"async": "^0.9.0",
"build-tools": "git+ssh://git#github.com/mycompany/repo.git#master",
"chai": "^1.9.2",
"download": "^0.2.1",
.....
}
If i run npm install, it's working almost everywhere.
We mostly use Macs, but there's also another colleague running gitbash on windows and he has no problems with it.
I have a colleague with the same setup, windows and gitbash, that when we try to run npm install he gets the error:
fatal: ambiguous argument 'origin/HEAD': unknown revision or path not in the working tree
Also, when we change #master to #commit-sha npm installs successfully, so it's not a problem with authentication or whatever.
He is running Git for windows 1.9.4 and npm#latest (2.2.0).
Any help will be much appreciated.
Apparently cleaning up the npm-cache in the [USER]\AppData\Roaming\ folder, then re-installing npm fixes the problem.
Related
I am getting 6 vulnerabilities after running npm audit report:
I tried a solution and overridden the vulnerable versions of a particular package with their latest versions in package.json file like this:
"overrides": {
"nth-check": "2.1.1",
"#svgr/webpack": "6.5.1",
"#svgr/plugin-svgo": "6.5.1",
"svgo": "3.0.1",
"css-select": "5.1.0"
}
Then I updated the npm packages with npm update. But it did not change the result.
Tried another solution by making a resolution object in package.json and specified specific versions of a particular package, and ran it using npx i npm-force-resolutions but it gives this error:
npm ERR! could not determine executable to run.
But I am still unable to fix the npm vulnerabilities. Please help!
You should delete both node_modules and package-lock.json before launching npm install again; this will require more time to install all dependencies, but this will override all the version that are currently installed (it will bring also minor updates in dependencies).
Also, for this vulnerability, you only need to override nth-check. You can see the changes by executing npm list nth-check with and without the override (remember to delete both node_modules and package-lock.json).
I have recently updated a project where the last udpate was about a month ago, but failed to deploy to the server. After some investigation, it is because it is stuck in npm install, or more precisely, stuck at a line saying
This sutck happens on different package when trying on different machine, so it seems to be related to npm instead of any package.
I have made no changes to the package.json, only on some other javascript files. Also, the last deploy was about a month ago. In other words, the npm install can be run without problem last month.
This problem can be replicated by copying the package.json file to an empty folder and run npm install. The package.json file:
{
"private": true,
"devDependencies": {
"gulp": "^3.9.1",
"laravel-elixir": "^6.0.0-14",
"laravel-elixir-webpack-official": "^1.0.2",
"node-sass": "^4.5.3"
},
"dependencies": {
"eventemitter3": "https://registry.npmjs.org/eventemitter3/-/eventemitter3-1.2.0.tgz"
}
}
I am using node 11.15.0, npm 6.7.0 through nvm. As it is a running project on live, upgrading or downgrading node and npm version is not an option without some careful planning, and seems to be an overkill at the moment.
For reference, I noticed that there is an outage in npmjs registory recently, but it seems to be fixed, so I am not sure if it is related. Have anyone had similar problem recently? Or any suggestion on how to solve this problem?
I am pretty new to this environment still and am trying to get up to speed on node.js modules and Laravel (5.1.11) as a whole, so...
I have a fresh install of Laravel implemented by the cPanel Installitron. I'm using PHPStorm to install all of the node modules via the provided package.json:
package.json
{
"private": true,
"devDependencies": {
"gulp": "^3.8.8"
},
"dependencies": {
"laravel-elixir": "^3.0.0",
"bootstrap-sass": "^3.0.0"
}
}
The error I get when I run the install is:
Cannot download "https://github.com/sass/node-sass/releases/download/v3.13.1/win32-x64-57_binding.node":
HTTP error 404 Not Found
I can understand why this would happen, seeing as that is an older version of node-sass, but how do I know what newer versions are compatible with the requested version of laravel-elixir? I didn't want to just install a newer version of node-sass because digging a deeper hole would make it harder for me to find a solution to my problem. What is the fix for this?
It looks like you can fix this by installing Windows Build Tools via this command:
npm install --global --production windows-build-tools
Then delete the project's node_modules folder and re-run npm install.
Just follow this official url well doc.: https://laravel.com/docs/5.3/elixir if you get any error. I just comment and i ll be here.
Scenario 1
Terminal: Windows cmd
node version: v8.0.0
npm version: v5.5.1
I have a package.json where I specifically mention
"#swimlane/ngx-charts": "^7.3.0",
"#swimlane/ngx-graph": "^4.3.0",
These have a subdependency on d3-scale.
In this scenario the npm install command installs d3-scale: v2.0.0 which has dist/ folder in it. (Note: I use d3-scale/dist in a systemjs.config.js file for an Angular App)
Scenario 2
Terminal: Windows Subsystem For Linux (bash for ubuntu for windows)
node version: v8.11.1
npm version: v5.6.0
I perform npm install with the same package.json and this time it provides me with d3-scale: v1.0.7 which has build/ folder instead of dist/ quick comparison on d3-scale.
Now because of this discrepancy I had to change my systemjs.config.js to point to build for a local machine.
If the app gets deployed on the server or a cloud I am not sure which d3-scale it might download in the node_modules and I might have to commit a hotfix for it.
Question
Why is there a discrepancy in the first place? What is causing this?
It seems that the NPM team resolved an issue in v5.6.0.
Fully cross-platform package-lock.json. Installing a failing optional
dependency on one platform no longer removes it from the dependency
tree, meaning that package-lock.json should now be generated
consistently across platforms!
Source
So try to upgrade your windows NPM to v5.6.0. It should work now.
I have a colleague who's having issues with npm install, I'm wondering if anyone else has had the same issue...
Win 10 x64
Node 8.9.3
Global npm packages installed:
npm 5.6.0
rimraf 2.6.2
(We have multiple PCs all running identical node/npm versions for consistency, so this can't be updated on a whim)
We have a package json with a dev dependency of "typescript": ^"2.0.6"
On all other dev machines, doing npm install on a fresh clone of our repo (no node_modules / typings), we get given typescript 2.7.2, the latest minor version of typescript to date.
On this one machine, we are given 2.6.2, consistently.
We have completely uninstalled node, removed %UserProfile%\AppData\Roaming\npm & %UserProfile%\AppData\Roaming\npm-cache to no avail.
For completeness we have also run npm cache verify.
Any thoughts would be appreciated, we are stumped.
Might be the same problem here. I think below link helps you to get more about working with package versions.
as you specified that you have a package.json with a dev dependency of "typescript": ^"2.0.6".
Just try by replacing the below line in your package.json file.
"typescript": "exact version you needed"
Ex. "typescript": "2.0.6"
Including with this before running npm install just delete the package-lock.json file from your projects root directory if any.
Should I manually update dependencies versions in the package.json after creating a new project with npm?