我正在尝试启动我的 React 项目并在显示“严重严重漏洞”后运行“npm install”,并尝试运行“npm 审计修复”,但它没有修复。
**npm i **
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '[email protected]',
npm WARN EBADENGINE required: { node: '4.2.1' },
npm WARN EBADENGINE current: { node: 'v18.12.1', npm: '8.19.2' }
47 packages are looking for funding
run `npm fund` for details
**1 critical severity vulnerability**
To address all issues, run:
npm audit fix
Run `npm audit` for details.
web-app> npm audit fix
npm WARN EBADENGINE Unsupported engine {
npm WARN EBADENGINE package: '[email protected]',
npm WARN EBADENGINE required: { node: '4.2.1' },
npm WARN EBADENGINE current: { node: 'v18.12.1', npm: '8.19.2' }
npm WARN EBADENGINE }
up to date, audited 410 packages in 3s
47 packages are looking for funding
run `npm fund` for details
# npm audit report
lodash <=4.17.20
Severity: critical
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-fvqr-27wr-82fm
fix available via `npm audit fix`
node_modules/lodash
**1 critical severity vulnerability**
您正在使用
node
v18.12.1
,但项目需要 4.2.1
。
从您目前提供的信息来看,我们无法知道为什么会出现这种限制,但您可以尝试将其删除(例如:在
package.json
内:
{
"node": ">=18.0.0"
}
)。或者只需删除
"node"
中当前的 package.json
条目(如果存在)。
请记住,这可能会导致您的项目崩溃,因为它对所使用的
node
版本有限制。