npm の依存関係エラーを解消する
イシュー
To address issues that do not require attention, run
が出る場合の解消法を探す
参考
以下の依存関係を解消してみる
npm audit fix (中略) shell-quote <=1.7.2 Severity: critical Improper Neutralization of Special Elements used in a Command in Shell-quote - https://github.com/advisories/GHSA-g4rg-993r-mgx7 fix available via `npm audit fix --force` Will install blitz@0.36.3, which is a breaking change node_modules/@next/react-dev-overlay/node_modules/shell-quote @next/react-dev-overlay 9.3.7-canary.3 - 12.0.1 Depends on vulnerable versions of shell-quote node_modules/@next/react-dev-overlay
minimist の依存関係を確認
$ npm ls shell-quote blitz-sb2@1.0.0 /Users/magnet/Workspace/React/blitz-sb2 └─┬ blitz@0.45.4 ├─┬ @blitzjs/cli@0.45.4 │ ├─┬ @blitzjs/installer@0.45.4 │ │ └─┬ ink@3.2.0 │ │ └─┬ react-devtools-core@4.24.7 │ │ └── shell-quote@1.7.3 deduped │ └─┬ @prisma/sdk@3.9.1 │ └── shell-quote@1.7.3 └─┬ next@npm:@blitzjs/next@11.1.0-0.45.4 └─┬ @next/react-dev-overlay@11.1.0 └── shell-quote@1.7.2
→ 3つのモジュールから使用されている
- shell-quote@1.7.3 deduped (@blitzjs/cli@0.45.4)
- shell-quote@1.7.3(@prisma/sdk@3.9.1)
- shell-quote@1.7.2(next@npm:@blitzjs/next@11.1.0-0.45.4)
blitzのバージョンを確認
$ blitz --version Loaded env from /Users/magnet/Workspace/React/blitz-sb2/.env.local Loaded env from /Users/magnet/Workspace/React/blitz-sb2/.env macOS Monterey | darwin-x64 | Node: v16.13.0 blitz: 0.45.4 (global) blitz: 0.45.4 (local) Package manager: npm System: OS: macOS 12.4 CPU: (4) x64 Intel(R) Core(TM) m5-6Y54 CPU @ 1.10GHz Memory: 158.97 MB / 8.00 GB Shell: 3.2.57 - /bin/bash Binaries: Node: 16.13.0 - ~/.nodebrew/current/bin/node Yarn: 1.22.18 - ~/.nodebrew/current/bin/yarn npm: 8.12.1 - ~/.nodebrew/current/bin/npm Watchman: Not Found npmPackages: @prisma/client: 4.0.0 => 4.0.0 blitz: 0.45.4 => 0.45.4 prisma: 4.0.0 => 4.0.0 react: 18.0.0 => 18.0.0 react-dom: 18.0.0 => 18.0.0 typescript: ~4.5 => 4.5.5
参考: How to update a Blitz.js application? · Discussion #992 · blitz-js/blitz · GitHub