marcelkottmann
commented
3 years ago Hey @KenjiBito , I have the same problem. Did you find any way around this or any reason, why this is happening?
Open KenjiBito opened 4 years ago
marcelkottmann
commented
3 years ago Hey @KenjiBito , I have the same problem. Did you find any way around this or any reason, why this is happening?
jakub-moravec
commented
3 years ago I'm having the same issue. Do you have any estimate on when this might be resolved?
alexboots
commented
2 years ago Before running you could rm -rf node_modules and only install production deps to remove false positives:
NODE_ENV=production npm install
westonsoftware
commented
2 years ago Thanks, also ... yarn install --production
e.x. I installed terser-webpack-plugin by npm with --save-dev
the result in package-lock.json is the following "terser-webpack-plugin": { "version": "1.4.3", "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz", "integrity": "sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==", "dev": true, "requires": { "cacache": "^12.0.2", "find-cache-dir": "^2.1.0", "is-wsl": "^1.1.0", "schema-utils": "^1.0.0", "serialize-javascript": "^2.1.2", "source-map": "^0.6.1", "terser": "^4.1.2", "webpack-sources": "^1.4.0", "worker-farm": "^1.7.0" } }
"dev" is true but terser-webpack-plugin is in the output by license-checker with --production. And I cannot find any dependancies from libraries that do not have "dev": true
My environment is windows server 2016, npm ver 6.0.9 and license checker 25.0.1
Thank you