Spuddya7x
commented
5 months ago Have you run npm i or pnpm i first? You might need to get the packages for the bot to work! 😄
Closed pcolamar closed 3 months ago
Spuddya7x
commented
5 months ago Have you run npm i or pnpm i first? You might need to get the packages for the bot to work! 😄
pcolamar
commented
5 months ago Have you run
npm iorpnpm ifirst? You might need to get the packages for the bot to work! 😄
Done, with "npm install" as per instruction.
This was the outcome
up to date, audited 686 packages in 10s
143 packages are looking for funding run
npm fundfor details13 vulnerabilities (11 moderate, 2 high)
To address issues that do not require attention, run: npm audit fix
To address all issues (including breaking changes), run: npm audit fix --force
Run
npm auditfor details.
If I run "npm audit fix --force " , I get
npm WARN using --force Recommended protections disabled. npm WARN audit Updating @jup-ag/core to undefined,which is a SemVer major change. npm ERR! code ETARGET npm ERR! notarget No matching version found for @jup-ag/core@undefined. npm ERR! notarget In most cases you or one of your dependencies are requesting npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in: npm ERR! /home/palmer/.npm/_logs/2024-03-24T16_37_13_441Z-debug-0.log
"npm audit":
npm audit report
axios 0.8.1 - 0.27.2
Severity: moderate
Axios Cross-Site Request Forgery Vulnerability - https://github.com/advisories/GHSA-wf5p-g6vw-rhxx
fix available via npm audit fix
node_modules/wait-on/node_modules/axios
wait-on 5.0.0-rc.0 - 7.1.0
Depends on vulnerable versions of axios
node_modules/wait-on
start-server-and-test 1.11.1 - 2.0.2
Depends on vulnerable versions of wait-on
node_modules/start-server-and-test
@solana/spl-token 0.2.0-alpha.0 - 0.2.0
Depends on vulnerable versions of start-server-and-test
node_modules/@jup-ag/goosefx-ssl-sdk/node_modules/@solana/spl-token
@jup-ag/goosefx-ssl-sdk *
Depends on vulnerable versions of @solana/spl-token
node_modules/@jup-ag/goosefx-ssl-sdk
cross-fetch <=2.2.3 || 2.2.5 || 3.0.0 - 3.1.4 || 3.2.0-alpha.0 - 3.2.0-alpha.2
Severity: high
Incorrect Authorization in cross-fetch - https://github.com/advisories/GHSA-7gc6-qh9x-w6h8
Depends on vulnerable versions of node-fetch
fix available via npm audit fix --force
Will install undefined@undefined, which is a breaking change
node_modules/@mercurial-finance/dynamic-amm-sdk/node_modules/@solana/spl-token-registry/node_modules/cross-fetch
node_modules/@mercurial-finance/vault-sdk/node_modules/@solana/spl-token-registry/node_modules/cross-fetch
node_modules/@solana/spl-token-registry/node_modules/cross-fetch
@solana/spl-token-registry >=0.2.26
Depends on vulnerable versions of cross-fetch
node_modules/@mercurial-finance/dynamic-amm-sdk/node_modules/@solana/spl-token-registry
node_modules/@mercurial-finance/vault-sdk/node_modules/@solana/spl-token-registry
node_modules/@solana/spl-token-registry
@jup-ag/invariant
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@jup-ag/invariant
@jup-ag/core
Depends on vulnerable versions of @jup-ag/invariant
node_modules/@jup-ag/core
@mercurial-finance/dynamic-amm-sdk
Depends on vulnerable versions of @mercurial-finance/vault-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/dynamic-amm-sdk
@mercurial-finance/port-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/port-sdk
@mercurial-finance/vault-sdk *
Depends on vulnerable versions of @mercurial-finance/port-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/vault-sdk
node-fetch <2.6.7
Severity: high
node-fetch forwards secure headers to untrusted sites - https://github.com/advisories/GHSA-r683-j2x4-v87g
fix available via npm audit fix --force
Will install undefined@undefined, which is a breaking change
node_modules/@mercurial-finance/dynamic-amm-sdk/node_modules/@solana/spl-token-registry/node_modules/node-fetch
node_modules/@mercurial-finance/vault-sdk/node_modules/@solana/spl-token-registry/node_modules/node-fetch
node_modules/@solana/spl-token-registry/node_modules/node-fetch
cross-fetch <=2.2.3 || 2.2.5 || 3.0.0 - 3.1.4 || 3.2.0-alpha.0 - 3.2.0-alpha.2
Depends on vulnerable versions of node-fetch
node_modules/@mercurial-finance/dynamic-amm-sdk/node_modules/@solana/spl-token-registry/node_modules/cross-fetch
node_modules/@mercurial-finance/vault-sdk/node_modules/@solana/spl-token-registry/node_modules/cross-fetch
node_modules/@solana/spl-token-registry/node_modules/cross-fetch
@solana/spl-token-registry >=0.2.26
Depends on vulnerable versions of cross-fetch
node_modules/@mercurial-finance/dynamic-amm-sdk/node_modules/@solana/spl-token-registry
node_modules/@mercurial-finance/vault-sdk/node_modules/@solana/spl-token-registry
node_modules/@solana/spl-token-registry
@jup-ag/invariant
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@jup-ag/invariant
@jup-ag/core
Depends on vulnerable versions of @jup-ag/invariant
node_modules/@jup-ag/core
@mercurial-finance/dynamic-amm-sdk
Depends on vulnerable versions of @mercurial-finance/vault-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/dynamic-amm-sdk
@mercurial-finance/port-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/port-sdk
@mercurial-finance/vault-sdk *
Depends on vulnerable versions of @mercurial-finance/port-sdk
Depends on vulnerable versions of @solana/spl-token-registry
node_modules/@mercurial-finance/vault-sdk
PS I am on Linux Mint 21.3 = Ubuntu 22.04
Spuddya7x
commented
5 months ago This seems to be having issues with handling the creation of the JSON files for user settings/parameters.
@AstroOrbis Are you able to shed any light on this? Im not too savvy on Linux.
Pantoria
commented
5 months ago This seems to be having issues with handling the creation of the JSON files for user settings/parameters.
@AstroOrbis Are you able to shed any light on this? Im not too savvy on Linux.
Found a solution in:
https://github.com/eslint/eslint/discussions/15305#discussioncomment-8248405
"replace assert by with"
pcolamar
commented
5 months ago I "replace assert by with" on row 13 but I get a similar error:
`file:///home/palmer/Downloads/EXTRACT/jupgrid/src/jupgrid.js:13 import packageInfo from '../package.json' with { type: 'json' }; ^^^^
SyntaxError: Unexpected token 'with' at Loader.moduleStrategy (internal/modules/esm/translators.js:133:18) at async link (internal/modules/esm/module_job.js:42:21) `
I also tried with the suggestion to change:
import packageInfo from '../package.json'; const packageJSON = JSON.parse(packageInfo("./package.json"));
in the thread https://github.com/eslint/eslint/discussions/15305#discussioncomment-8248405 but then I get :
`file:///home/palmer/Downloads/EXTRACT/jupgrid/src/jupgrid.js:1179
currUSDBalanceA = tempUSDBalanceA ?? currUSDBalanceA; // Fallback to current value if undefined
^
SyntaxError: Unexpected token '?' at Loader.moduleStrategy (internal/modules/esm/translators.js:133:18) at async link (internal/modules/esm/module_job.js:42:21) `
I am a monkey here. Java is a total unknown to me. The last language was "C" 20 years ago
pcolamar
commented
5 months ago Well, after asking some help to chatGPT I understand that the issue is more complex than the error that started this thread. The Java used in all the scripts is not compatible with my Linux environment.
The use of operators like "??" , "#" .
This line
const symbolText = options.symbol ?? ' ';
Should be written like
const symbolText = options.symbol !== undefined ? options.symbol : ' ';
There are too many of thos Java language issue all over the scripts. I guess I have to give up or wait for some other suggestion from the community
Hi, running "node ." I got the following error. I am not a Java programmer. Any hint on what might be the reason ?
$ node . file:///home/palmer/Downloads/EXTRACT/jupgrid/src/jupgrid.js:13 import packageInfo from '../package.json' assert { type: 'json' }; ^^^^^^
SyntaxError: Unexpected identifier at Loader.moduleStrategy (internal/modules/esm/translators.js:133:18) at async link (internal/modules/esm/module_job.js:42:21)