Environment Info:
System:
OS: Linux 4.19 Debian GNU/Linux buster/sid undefined
CPU: x64 Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Binaries:
Node: 10.8.0 - /usr/local/bin/node
Browsers:
Chrome: 65.0.3325.181
Firefox: 60.4.0
npmPackages:
react: Not Found
react-dom: Not Found
react-scripts: Not Found
npmGlobalPackages:
create-react-app: Not Found
Steps to Reproduce
Start a new react app in a new project.
update npm globally
npm install -g create-react-app
`create-react-app my-app
or
install yarn
yarn create react-app my-app
or
npx create-react-app my-app
Expected Behavior
Create the react app in my-app.
Actual Behavior
In all three cases the installation starts but it reports vulnerabilities and aborts the installation and deletes the generated files node_nodules and package.json which makes it impossible to run the recommended step npm audit fix.
npx create-react-app my-app
Creating a new React app in /home/foo/bar/project/my-app.
Aborted
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts...
+ react-dom@16.7.0
+ react@16.7.0
+ react-scripts@0.9.5
added 965 packages from 653 contributors and audited 9025 packages in 38.641s
found 39 vulnerabilities (5 low, 27 moderate, 6 high, 1 critical)
run `npm audit fix` to fix them, or `npm audit` for details
Aborting installation.
npm install --save --save-exact --loglevel error react react-dom react-scripts@0.9.x has failed.
Deleting generated file... node_modules
Deleting generated file... package.json
Done.
yarn create react-app my-app
yarn create v1.13.0
[1/4] Resolving packages...
[2/4] Fetching packages...
[3/4] Linking dependencies...
[4/4] Building fresh packages...
success Installed "create-react-app@2.1.3" with binaries:
- create-react-app
[################################################################] 64/64
Creating a new React app in /home/foo/bar/project/my-app.
Aborted
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts...
+ react-dom@16.7.0
+ react@16.7.0
+ react-scripts@0.9.5
added 965 packages from 653 contributors and audited 9025 packages in 35.877s
found 39 vulnerabilities (5 low, 27 moderate, 6 high, 1 critical)
run `npm audit fix` to fix them, or `npm audit` for details
Aborting installation.
npm install --save --save-exact --loglevel error react react-dom react-scripts@0.9.x has failed.
Deleting generated file... node_modules
Deleting generated file... package.json
Done.
Aborted
error Command failed.
Exit code: 134
Command: /home/my-user/.yarn/bin/create-react-app
Arguments: my-app
Directory: /home/foo/bar/project
Output:
info Visit https://yarnpkg.com/en/docs/cli/create for documentation about this command.
Is this a bug report?
yes
Did you try recovering your dependencies?
Yes. Nothing changed.
Which terms did you search for in User Guide?
vulnerabilities, failure, aborted installation
Environment
Steps to Reproduce
Start a new react app in a new project.
npm install -g create-react-app
or
yarn create react-app my-app
or
npx create-react-app my-app
Expected Behavior
Create the react app in
my-app
.Actual Behavior
In all three cases the installation starts but it reports vulnerabilities and aborts the installation and deletes the generated files
node_nodules
andpackage.json
which makes it impossible to run the recommended stepnpm audit fix
.npx create-react-app my-app
yarn create react-app my-app
Reproducible Demo
I can't even create an app. That is the issue.