Reputation: 81
For some reason I am unable to install gulp; it always brings up this error:
/wp-content/themes/the-advocates-theme$ npm i gulp-install
added 4 packages, and audited 755 packages in 2s
39 packages are looking for funding
run `npm fund` for details
12 vulnerabilities (3 moderate, 6 high, 3 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
And this is what I get when I run npm audit:
glob-parent <5.1.2
Severity: high
Regular expression denial of service - https://github.com/advisories/GHSA-ww39-953v-wcq6
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/glob-stream/node_modules/glob-parent
node_modules/glob-watcher/node_modules/glob-parent
chokidar 1.0.0-rc1 - 2.1.8
Depends on vulnerable versions of glob-parent
node_modules/glob-watcher/node_modules/chokidar
glob-watcher >=3.0.0
Depends on vulnerable versions of chokidar
node_modules/glob-watcher
glob-stream 5.3.0 - 6.1.0
Depends on vulnerable versions of glob-parent
node_modules/glob-stream
vinyl-fs >=2.4.2
Depends on vulnerable versions of glob-stream
node_modules/vinyl-fs
gulp >=4.0.0
Depends on vulnerable versions of vinyl-fs
node_modules/gulp
lodash.template <4.5.0
Severity: critical
Prototype Pollution in lodash - https://github.com/advisories/GHSA-jf85-cpcp-j695
No fix available
node_modules/lodash.template
gulp-util >=1.1.0
Depends on vulnerable versions of lodash.template
node_modules/gulp-util
gulp-install *
Depends on vulnerable versions of gulp-util
node_modules/gulp-install
postcss <8.2.13
Severity: moderate
Regular Expression Denial of Service in postcss - https://github.com/advisories/GHSA-566m-qj78-rww5
fix available via `npm audit fix --force`
Will install [email protected], which is a breaking change
node_modules/@gulp-sourcemaps/identity-map/node_modules/postcss
@gulp-sourcemaps/identity-map >=2.0.0
Depends on vulnerable versions of postcss
node_modules/@gulp-sourcemaps/identity-map
gulp-sourcemaps >=3.0.0
Depends on vulnerable versions of @gulp-sourcemaps/identity-map
node_modules/gulp-sourcemaps
12 vulnerabilities (3 moderate, 6 high, 3 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible (including breaking changes), run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Upvotes: 3
Views: 2241
Reputation: 47614
Those are not errors, they are warnings issued by npm. The gulp team is aware of those warnings but has decided that they do not need to be regarded.
Instead, they insist that npm audit is broken and should be fixed. You may ask them to change their minds, but beware that your request would likely be flagged as spam: 1, 2, 3.
Upvotes: 4
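Added example (not part of either post): a Node.js script that collapses an `npm audit --json` report to its root advisories and the direct dependencies that pull them in. npm counts every package along a chain, which is how the three advisories in the output above become 12 findings. The report object is a constructed sample covering two of the three chains, and its `isDirect` values are assumptions.

```javascript
// Constructed sample in the shape of `npm audit --json` (auditReportVersion 2),
// trimmed to two chains from the output above. isDirect values are assumed.
const adv = (title, url) => ({ title, url });
const vuln = (name, severity, isDirect, via, effects, fixAvailable) =>
  ({ name, severity, isDirect, via, effects, fixAvailable });
const major = { isSemVerMajor: true }; // shown as "breaking change" in text output

const report = { auditReportVersion: 2, vulnerabilities: Object.fromEntries([
  vuln("glob-parent", "high", false,
    [adv("Regular expression denial of service",
         "https://github.com/advisories/GHSA-ww39-953v-wcq6")],
    ["chokidar", "glob-stream"], major),
  vuln("chokidar", "high", false, ["glob-parent"], ["glob-watcher"], major),
  vuln("glob-watcher", "high", false, ["chokidar"], ["gulp"], major),
  vuln("glob-stream", "high", false, ["glob-parent"], ["vinyl-fs"], major),
  vuln("vinyl-fs", "high", false, ["glob-stream"], ["gulp"], major),
  vuln("gulp", "high", true, ["glob-watcher", "vinyl-fs"], [], major),
  vuln("lodash.template", "critical", false,
    [adv("Prototype Pollution in lodash",
         "https://github.com/advisories/GHSA-jf85-cpcp-j695")],
    ["gulp-util"], false),
  vuln("gulp-util", "critical", false, ["lodash.template"], ["gulp-install"], false),
  vuln("gulp-install", "critical", true, ["gulp-util"], [], false),
].map(v => [v.name, v])) };

// Root advisories are the entries whose `via` holds advisory objects; every
// other entry is only a dependent. Follow `effects` upward from each root to
// find the direct dependencies (the ones in package.json) that pull it in.
function triage(report) {
  const vulns = report.vulnerabilities;
  return Object.values(vulns)
    .filter(v => v.via.some(x => typeof x === "object"))
    .map(root => {
      const seen = new Set(), direct = new Set(), stack = [root.name];
      while (stack.length) {
        const name = stack.pop();
        if (seen.has(name) || !vulns[name]) continue;
        seen.add(name);
        if (vulns[name].isDirect) direct.add(name);
        stack.push(...vulns[name].effects);
      }
      const fix = root.fixAvailable === false ? "none"
        : root.fixAvailable === true ? "semver-compatible"
        : root.fixAvailable.isSemVerMajor ? "breaking" : "semver-compatible";
      return { package: root.name, severity: root.severity,
        advisories: root.via.filter(x => typeof x === "object").map(x => x.url),
        pulledInBy: [...direct].sort(), affected: seen.size, fix };
    });
}

console.table(triage(report));
```

To run it on a real project, replace the sample with the parsed output of `npm audit --json`.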