Я клонировал репозиторий, его приложение стека MEAN, первое, что я сделал, было npm install. но в конце он сказал
added 1580 packages from 1887 contributors and audited 15249 packages in 281.586s
found 18 vulnerabilities (5 low, 12 moderate, 1 high)
run `npm audit fix` to fix them, or `npm audit` for details
Я попытался npm audit fix, и он сказал
up to date in 15.221s
fixed 0 of 18 vulnerabilities in 15249 scanned packages
9 vulnerabilities required manual review and could not be updated
4 package updates for 9 vulnerabilities involved breaking changes
(use `npm audit fix --force` to install breaking changes; or refer to `npm audit` for steps to fix these manually)
вот список моих установленных пакетов
D:\Opticare\opticare>npm list -depth=0
opticare@0.0.0 D:\Opticare\opticare
+-- UNMET PEER DEPENDENCY @angular/animations@5.2.11
+-- @angular/cli@1.7.4
+-- UNMET PEER DEPENDENCY @angular/common@5.2.11
+-- UNMET PEER DEPENDENCY @angular/compiler@5.2.11
+-- @angular/compiler-cli@5.2.11
+-- UNMET PEER DEPENDENCY @angular/core@5.2.11
+-- UNMET PEER DEPENDENCY @angular/forms@5.2.11
+-- @angular/http@5.2.11
+-- UNMET PEER DEPENDENCY @angular/platform-browser@5.2.11
+-- UNMET PEER DEPENDENCY @angular/platform-browser-dynamic@5.2.11
+-- @angular/router@5.2.11
+-- @auth0/angular-jwt@2.1.2
+-- @ng-bootstrap/ng-bootstrap@3.3.1
+-- @swimlane/ngx-charts@7.4.0
+-- @types/datatables.net@1.10.18
+-- @types/jasmine@2.8.16
+-- @types/jquery@3.3.31
+-- @types/node@6.0.118
+-- @types/systemjs@0.20.7
+-- angular-archwizard@3.0.0
+-- angular-datatables@6.0.1
+-- angular2-csv@0.2.9
+-- angular2-spinner@1.0.10
+-- bcrypt-nodejs@0.0.3
+-- chalk@2.4.2
+-- chart.js@2.9.3
+-- codelyzer@4.5.0
+-- core-js@2.6.11
+-- cron@1.8.2
+-- datatables.net@1.10.20
+-- datatables.net-dt@1.10.20
+-- express@4.17.1
+-- file-saver@1.3.8
+-- googleapis@35.0.0
+-- http-errors@1.7.3
+-- jasmine-core@2.8.0
+-- jasmine-spec-reporter@4.2.1
+-- jodit-angular@1.0.86
+-- jquery@3.4.1
+-- jsonwebtoken@8.5.1
+-- jwt-decode@2.2.0
+-- karma@2.0.5
+-- karma-chrome-launcher@2.2.0
+-- lodash@4.17.15
+-- moment@2.24.0
+-- moment-timezone@0.5.27
+-- mongoose@5.8.10
+-- mongoose-paginate@5.0.3
+-- multer@1.4.2
+-- ng2-nouislider@1.8.2
+-- ngx-bootstrap@2.0.5
+-- ngx-chips@1.9.8
+-- ngx-toastr@6.5.0
+-- node-cron@1.2.1
+-- node-sass@4.13.1
+-- nodemailer@4.7.0
+-- nouislider@11.1.0
+-- UNMET PEER DEPENDENCY rxjs@5.5.12
+-- shortid@2.2.15
+-- ts-helpers@1.1.2
+-- UNMET PEER DEPENDENCY tslint@^5.0.0
+-- twilio@3.39.3
+-- UNMET PEER DEPENDENCY typescript@2.9.2
+-- xlsx@0.13.5
`-- zone.js@0.8.29
npm ERR! peer dep missing: @angular/animations@^6.0.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: @angular/common@>=6.0.0, required by @auth0/angular-jwt@2.1.2
npm ERR! peer dep missing: @angular/common@^6.1.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: @angular/common@^6.0.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: @angular/common@^6.0.0-rc.0 || ^6.0.0, required by angular2-csv@0.2.9
npm ERR! peer dep missing: @angular/common@^6.0.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: @angular/compiler@^6.0.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: @angular/core@^6.1.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: @angular/core@^6.0.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: @angular/core@^6.0.0-rc.0 || ^6.0.0, required by angular2-csv@0.2.9
npm ERR! peer dep missing: @angular/core@^6.0.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: @angular/forms@^6.1.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: @angular/forms@^6.0.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: @angular/platform-browser@^6.0.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: @angular/platform-browser-dynamic@^6.0.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.0.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: typescript@>=2.4.2 <2.7, required by @angular/compiler-cli@5.2.11
npm ERR! peer dep missing: tslint@^5.0.0, required by codelyzer@4.5.0
npm ERR! peer dep missing: rxjs@^6.0.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: rxjs@^6.0.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: rxjs@^6.0.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: rxjs@^6.0.0, required by @ng-bootstrap/ng-bootstrap@3.3.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by angular-datatables@6.0.1
npm ERR! peer dep missing: rxjs@^6.1.0, required by ngx-chips@1.9.8
npm ERR! peer dep missing: typescript@>=2.4.2 <2.8, required by tsickle@0.27.5
это мой npm audit отчет
D:\Opticare\opticare>npm audit
=== npm audit security report ===
# Run npm install --save-dev karma@4.4.1 to resolve 3 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
Moderate Memory Exposure
Package tunnel-agent
Dependency of karma [dev]
Path karma > log4js > loggly > request > tunnel-agent
More info https://npmjs.com/advisories/598
Low Regular Expression Denial of Service
Package braces
Dependency of karma [dev]
Path karma > expand-braces > braces
More info https://npmjs.com/advisories/786
Moderate Denial of Service
Package axios
Dependency of karma [dev]
Path karma > log4js > axios
More info https://npmjs.com/advisories/880
# Run npm install @angular/compiler-cli@8.2.14 to resolve 1 vulnerability
SEMVER WARNING: Recommended action is a potentially breaking change
Low Regular Expression Denial of Service
Package braces
Dependency of @angular/compiler-cli
Path @angular/compiler-cli > chokidar > anymatch > micromatch >
braces
More info https://npmjs.com/advisories/786
# Run npm install --save-dev @angular/cli@8.3.23 to resolve 4 vulnerabilities
SEMVER WARNING: Recommended action is a potentially breaking change
Low Regular Expression Denial of Service
Package braces
Dependency of @angular/cli [dev]
Path @angular/cli > @angular-devkit/core > chokidar > anymatch >
micromatch > braces
More info https://npmjs.com/advisories/786
Low Denial of Service
Package mem
Dependency of @angular/cli [dev]
Path @angular/cli > webpack > yargs > os-locale > mem
More info https://npmjs.com/advisories/1084
Moderate Cross-Site Scripting
Package serialize-javascript
Dependency of @angular/cli [dev]
Path @angular/cli > copy-webpack-plugin > serialize-javascript
More info https://npmjs.com/advisories/1426
Moderate Cross-Site Scripting
Package serialize-javascript
Dependency of @angular/cli [dev]
Path @angular/cli > uglifyjs-webpack-plugin >
serialize-javascript
More info https://npmjs.com/advisories/1426
# Run npm install googleapis@47.0.0 to resolve 1 vulnerability
SEMVER WARNING: Recommended action is a potentially breaking change
High Improper Authorization
Package googleapis
Dependency of googleapis
Path googleapis
More info https://npmjs.com/advisories/791
Manual Review
Some vulnerabilities require your attention to resolve
Visit https://go.npm.me/audit-guide for additional guidance
Low Regular Expression Denial of Service
Package timespan
Patched in No patch available
Dependency of karma [dev]
Path karma > log4js > loggly > timespan
More info https://npmjs.com/advisories/533
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of @angular/cli [dev]
Path @angular/cli > less > request > hawk > boom > hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of karma [dev]
Path karma > log4js > loggly > request > hawk > boom > hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of @angular/cli [dev]
Path @angular/cli > less > request > hawk > cryptiles > boom >
hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of karma [dev]
Path karma > log4js > loggly > request > hawk > cryptiles > boom
> hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of @angular/cli [dev]
Path @angular/cli > less > request > hawk > hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of karma [dev]
Path karma > log4js > loggly > request > hawk > hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of @angular/cli [dev]
Path @angular/cli > less > request > hawk > sntp > hoek
More info https://npmjs.com/advisories/566
Moderate Prototype Pollution
Package hoek
Patched in > 4.2.0 < 5.0.0 || >= 5.0.3
Dependency of karma [dev]
Path karma > log4js > loggly > request > hawk > sntp > hoek
More info https://npmjs.com/advisories/566
found 18 vulnerabilities (5 low, 12 moderate, 1 high) in 15249 scanned packages
9 vulnerabilities require semver-major dependency updates.
9 vulnerabilities require manual review. See the full report for details.
Это третий раз, когда я клонирую хранилище с нуля, чтобы запустить его.
, а вот мой package.json
{
"name": "opticare",
"version": "0.0.0",
"license": "MIT",
"angular-cli": {},
"scripts": {
"build": "ng build",
"ng": "ng",
"start": "ng serve",
"test": "ng test",
"pree2e": "webdriver-manager update --standalone false --gecko false",
"e2e": "protractor"
},
"private": true,
"dependencies": {
"@angular/animations": "^5.2.0",
"@angular/common": "^5.2.11",
"@angular/compiler": "^5.2.0",
"@angular/compiler-cli": "^5.2.0",
"@angular/core": "^5.2.0",
"@angular/forms": "^5.2.0",
"@angular/http": "^5.2.0",
"@angular/platform-browser": "^5.2.0",
"@angular/platform-browser-dynamic": "^5.2.0",
"@angular/router": "^5.2.0",
"@auth0/angular-jwt": "^2.0.0",
"@ng-bootstrap/ng-bootstrap": "^3.2.2",
"@swimlane/ngx-charts": "^7.4.0",
"angular-archwizard": "^3.0.0",
"angular-datatables": "^6.0.0",
"angular2-csv": "^0.2.5",
"angular2-spinner": "^1.0.10",
"bcrypt-nodejs": "0.0.3",
"chalk": "^2.4.1",
"chart.js": "^2.7.2",
"core-js": "^2.4.1",
"cron": "^1.3.0",
"datatables.net": "^1.10.19",
"datatables.net-dt": "^1.10.19",
"express": "^4.16.3",
"file-saver": "^1.3.8",
"googleapis": "^35.0.0",
"http-errors": "^1.6.3",
"jodit-angular": "^1.0.59",
"jquery": "^3.3.1",
"jsonwebtoken": "^8.1.0",
"jwt-decode": "^2.2.0",
"lodash": "^4.17.10",
"moment": "^2.22.2",
"moment-timezone": "^0.5.21",
"mongoose": "^5.2.4",
"mongoose-paginate": "^5.0.3",
"multer": "^1.3.0",
"ng2-nouislider": "^1.7.7",
"ngx-bootstrap": "^2.0.3",
"ngx-chips": "^1.9.2",
"ngx-toastr": "^6.4.0",
"node-cron": "^1.2.1",
"node-sass": "^4.9.2",
"nodemailer": "^4.6.8",
"nouislider": "^11.0.3",
"rxjs": "^5.5.0",
"shortid": "^2.2.8",
"ts-helpers": "^1.1.1",
"twilio": "^3.19.2",
"typescript": "^2.2.2",
"xlsx": "^0.13.0",
"zone.js": "^0.8.19"
},
"devDependencies": {
"@angular/cli": "^1.7.4",
"@angular/compiler-cli": "^5.2.0",
"@types/datatables.net": "^1.10.12",
"@types/jasmine": "~2.8.3",
"@types/jquery": "^3.3.4",
"@types/node": "~6.0.60",
"@types/systemjs": "^0.20.5",
"codelyzer": "^4.0.1",
"jasmine-core": "~2.8.0",
"jasmine-spec-reporter": "~4.2.1",
"karma-chrome-launcher": "~2.2.0",
"karma": "^2.0.4"
}
}
Теперь мой вопрос:
почему, когда я явно устанавливаю пакет, упомянутый перед UNMET PEER DEPENDENCY, он остается прежним, даже после установки требуемой версии?
Как мне запустить это приложение? Я очень устал, пытаясь заставить его работать разными методами.