webpack、sass-loader、npm audit fix、npm audit fix --force兼容性问题

sass-loader兼容性问题

PS E:\dome\automated-test-platform-vue2> npm install sass@~1.32 [email protected] deepmerge -D
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^3.6.0" from the root project
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^4.36.0 || ^5.0.0" from [email protected]
npm ERR! node_modules/sass-loader
npm ERR!   dev sass-loader@"10.1.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See C:\Users\shenyf\AppData\Local\npm-cache\eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_00_24_153Z-debug.log




PS E:\dome\automated-test-platform-vue2> npm install sass@~1.32 sass-loader@9 deepmerge -D     
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^3.6.0" from the root project
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^4.36.0 || ^5.0.0" from [email protected]
npm ERR! node_modules/sass-loader
npm ERR!   dev sass-loader@"9" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See C:\Users\shenyf\AppData\Local\npm-cache\eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_00_47_449Z-debug.log




PS E:\dome\automated-test-platform-vue2> npm install sass@~1.32 sass-loader@8 deepmerge -D
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^3.6.0" from the root project
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^4.36.0 || ^5.0.0" from [email protected]
npm ERR! node_modules/sass-loader
npm ERR!   dev sass-loader@"8" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See C:\Users\shenyf\AppData\Local\npm-cache\eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_01_01_870Z-debug.log




PS E:\dome\automated-test-platform-vue2> npm install sass@~1.32 sass-loader@7 deepmerge -D

added 7 packages, and audited 1274 packages in 36s

63 packages are looking for funding
  run `npm fund` for details

86 vulnerabilities (2 low, 69 moderate, 15 high)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.
PS E:\dome\automated-test-platform-vue2> 

解决办法:上面包含解决问题的过程,主要是挨个降级安装,直到安装成功,其他兼容性问题,亦可按此方法解决

npm audit fix兼容性问题

PS E:\dome\automated-test-platform-vue2> npm audit fix
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^5.66.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^2.0.0 || ^3.0.0" from [email protected]
npm ERR! node_modules/uglifyjs-webpack-plugin
npm ERR!   dev uglifyjs-webpack-plugin@"^1.1.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See C:\Users\shenyf\AppData\Local\npm-cache\eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_13_44_800Z-debug.log
PS E:\dome\automated-test-platform-vue2> 

解决办法:该降级降级,该升级升级,关键所在就是npm uninstall xxxx然后再执行npm audit fixnpm audit fix --force让程序选择自己想要的版本

PS E:\dome\automated-test-platform-vue2> npm audit fix --force
npm WARN using --force Recommended protections disabled.
[..................] \ : WARN using --force Recommended protections disabled.
npm WARN audit Updating vue-loader to 17.0.0,which is a SemVer major change.
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: [email protected]
npm WARN Found: [email protected]
npm WARN node_modules/webpack
npm WARN   peer webpack@"^5.0.0" from [email protected]
npm WARN   node_modules/css-loader
npm WARN     dev css-loader@"^6.5.1" from the root project
npm WARN   7 more (postcss-loader, terser-webpack-plugin, url-loader, ...)
npm WARN 
npm WARN Could not resolve dependency:
npm WARN peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm WARN node_modules/friendly-errors-webpack-plugin
npm WARN   dev friendly-errors-webpack-plugin@"^1.6.1" from the root project
npm WARN
npm WARN Conflicting peer dependency: [email protected]
npm WARN node_modules/webpack
npm WARN   peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm WARN   node_modules/friendly-errors-webpack-plugin
npm WARN     dev friendly-errors-webpack-plugin@"^1.6.1" from the root project
npm WARN ERESOLVE overriding peer dependency
npm WARN While resolving: [email protected]
npm WARN Found: [email protected]
npm WARN node_modules/webpack
npm WARN   peer webpack@"^5.0.0" from [email protected]
npm WARN   node_modules/css-loader
npm WARN     dev css-loader@"^6.5.1" from the root project
npm WARN   7 more (postcss-loader, terser-webpack-plugin, url-loader, ...)
npm WARN
npm WARN Could not resolve dependency:
npm WARN peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm WARN node_modules/uglifyjs-webpack-plugin
npm WARN   dev uglifyjs-webpack-plugin@"^1.1.1" from the root project
npm WARN
npm WARN Conflicting peer dependency: [email protected]
npm WARN node_modules/webpack
npm WARN   peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm WARN   node_modules/uglifyjs-webpack-plugin
npm WARN     dev uglifyjs-webpack-plugin@"^1.1.1" from the root project

added 9 packages, removed 11 packages, changed 1 package, and audited 730 packages in 6s

68 packages are looking for funding
  run `npm fund` for details

# npm audit report

ansi-regex  >2.1.1 <5.0.1
Severity: moderate
 Inefficient Regular Expression Complexity in chalk/ansi-regex - https://github.com/advisories/GHSA-93q8-gq69-wqmw
fix available via `npm audit fix`
node_modules/string-width/node_modules/ansi-regex
  strip-ansi  4.0.0 - 5.2.0
  Depends on vulnerable versions of ansi-regex
  node_modules/string-width/node_modules/strip-ansi
    string-width  2.1.0 - 4.1.0
    Depends on vulnerable versions of strip-ansi
    node_modules/string-width

serialize-javascript  <=3.0.0
Severity: high
Insecure serialization leading to RCE in serialize-javascript - https://github.com/advisories/GHSA-hxcc-f52p-wc94
Cross-Site Scripting in serialize-javascript - https://github.com/advisories/GHSA-h9rv-jmmf-4pgx
fix available via `npm audit fix`
node_modules/serialize-javascript
  copy-webpack-plugin  4.3.0 - 5.0.4
  Depends on vulnerable versions of cacache
  Depends on vulnerable versions of serialize-javascript
  node_modules/copy-webpack-plugin
  uglifyjs-webpack-plugin  >=1.1.3
  Depends on vulnerable versions of cacache
  Depends on vulnerable versions of serialize-javascript
  node_modules/uglifyjs-webpack-plugin

ssri  5.2.2 - 6.0.1
Severity: high
Regular Expression Denial of Service (ReDoS) - https://github.com/advisories/GHSA-vx3p-948g-6vhq
fix available via `npm audit fix`
node_modules/ssri
  cacache  10.0.4 - 11.0.0
  Depends on vulnerable versions of ssri
  node_modules/cacache
    copy-webpack-plugin  4.3.0 - 5.0.4
    Depends on vulnerable versions of cacache
    Depends on vulnerable versions of serialize-javascript
    node_modules/copy-webpack-plugin
    uglifyjs-webpack-plugin  >=1.1.3
    Depends on vulnerable versions of cacache
    Depends on vulnerable versions of serialize-javascript
    node_modules/uglifyjs-webpack-plugin

8 vulnerabilities (3 moderate, 5 high)

To address all issues, run:
  npm audit fix






PS E:\dome\automated-test-platform-vue2> npm audit fix
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^5.66.0" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^2.0.0 || ^3.0.0" from [email protected]
npm ERR! node_modules/uglifyjs-webpack-plugin
npm ERR!   dev uglifyjs-webpack-plugin@"^1.1.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_13_44_800Z-debug.log
PS E:\dome\automated-test-platform-vue2> npm uninstall uglifyjs-webpack-plugin

removed 13 packages, and audited 717 packages in 7s

68 packages are looking for funding
  run `npm fund` for details

7 vulnerabilities (3 moderate, 4 high)

To address all issues, run:
  npm audit fix

Run `npm audit` for details.







PS E:\dome\automated-test-platform-vue2> npm audit fix
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR!
npm ERR! While resolving: [email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/webpack
npm ERR!   webpack@"^5.66.0" from the root project
npm ERR!   peer webpack@"^5.0.0" from [email protected]
npm ERR!   node_modules/css-loader
npm ERR!     dev css-loader@"^6.5.1" from the root project
npm ERR!   6 more (postcss-loader, terser-webpack-plugin, url-loader, ...)
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm ERR!   dev friendly-errors-webpack-plugin@"^1.6.1" from the root project
npm ERR!
npm ERR! Conflicting peer dependency: [email protected]
npm ERR! node_modules/webpack
npm ERR!   peer webpack@"^2.0.0 || ^3.0.0 || ^4.0.0" from [email protected]
npm ERR!   node_modules/friendly-errors-webpack-plugin
npm ERR!     dev friendly-errors-webpack-plugin@"^1.6.1" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!

npm ERR! A complete log of this run can be found in:
npm ERR!     C:\Users\shenyf\AppData\Local\npm-cache\_logs\2022-01-12T09_15_39_676Z-debug.log







PS E:\dome\automated-test-platform-vue2> npm uninstall friendly-errors-webpack-plugin

removed 10 packages, changed 1 package, and audited 707 packages in 6s

68 packages are looking for funding
  run `npm fund` for details

4 high severity vulnerabilities

To address all issues, run:
  npm audit fix

Run `npm audit` for details.








PS E:\dome\automated-test-platform-vue2> npm audit fix

up to date, audited 707 packages in 5s

68 packages are looking for funding
  run `npm fund` for details

# npm audit report

serialize-javascript  <=3.0.0
Severity: high
Insecure serialization leading to RCE in serialize-javascript - https://github.com/advisories/GHSA-hxcc-f52p-wc94
Cross-Site Scripting in serialize-javascript - https://github.com/advisories/GHSA-h9rv-jmmf-4pgx
fix available via `npm audit fix`
node_modules/serialize-javascript
  copy-webpack-plugin  4.3.0 - 5.0.4       # 下一步要修复这里
  Depends on vulnerable versions of cacache
  Depends on vulnerable versions of serialize-javascript
  node_modules/copy-webpack-plugin

ssri  5.2.2 - 6.0.1
Severity: high
Regular Expression Denial of Service (ReDoS) - https://github.com/advisories/GHSA-vx3p-948g-6vhq
fix available via `npm audit fix`
node_modules/ssri
  cacache  10.0.4 - 11.0.0
  Depends on vulnerable versions of ssri
  node_modules/cacache
    copy-webpack-plugin  4.3.0 - 5.0.4
    Depends on vulnerable versions of cacache
    Depends on vulnerable versions of serialize-javascript
    node_modules/copy-webpack-plugin

4 high severity vulnerabilities

To address all issues, run:
  npm audit fix







PS E:\dome\automated-test-platform-vue2> npm install copy-webpack-plugin@4

added 40 packages, and audited 707 packages in 14s

68 packages are looking for funding
  run `npm fund` for details

4 high severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Run `npm audit` for details.









PS E:\dome\automated-test-platform-vue2> npm audit fix --force
npm WARN using --force Recommended protections disabled.
npm WARN audit Updating copy-webpack-plugin to 10.2.0,which is a SemVer major change.

added 7 packages, removed 38 packages, changed 7 packages, and audited 676 packages in 18s

72 packages are looking for funding
  run `npm fund` for details

found 0 vulnerabilities





PS E:\dome\automated-test-platform-vue2> 

修复完成

你可能感兴趣的:(webpack,npm,sass)