search

jeemok / better-npm-audit

The goal of this project is to provide additional features on top of the existing npm audit options
https://www.npmjs.com/package/better-npm-audit
MIT License
118 stars 26 forks source link

DeprecationWarning: Invalid 'main' field in ... node_modules/better-npm-audit/package.json' of 'lib/index.js' #61

Closed alert-debug closed 3 years ago

alert-debug commented 3 years ago

I recently upgraded to npm@8.0.0 (and nodejs@v16.11.1) and I'm getting the message:

(node:74559) [DEP0128] DeprecationWarning: Invalid 'main' field in '[REDACTED]/node_modules/better-npm-audit/package.json' of 'lib/index.js'. Please either fix that or report it to the module author

when running npm run audit. Presumably that's because the index.js file is actually at the top level of the package's directory tree, and not in a lib directory. The tool still seems to function, but hopefully this is an easy fix.

jeemok commented 3 years ago

Thanks @alertme-edwin for reporting this! I've released a new version and this should be fixed now 👍🏻

alert-debug commented 2 years ago

Yup, that works. Thanks so much @jeemok!

I don't know if this means you now have more time to work on this amazing project, but I think I will create a separate issue about the \n strangeness I'm seeing (as mentioned in discussion number 53), and maybe other people will be able to +1 it if they can reproduce it on their systems.

Also, I keep seeing discussions about false positives in npm audit reports (e.g. issue 1138 in the chokidar repo, and a proposed RFC for npm called "audit assertions"), and that always reminds me how better-npm-audit could greatly improve the npm ecosystem if it searched for .nsprc files in dependencies. I know that requires a lot of careful thinking, though, so I don't want to rush you. Take all the time you need, and keep up the great work.