Closed AgNm closed 6 years ago
Please i have same problem ... solve this anyone
If you run npm ls minimatch
, you can see which modules are depending on that vulnerable version of minimatch
. You can then ask the authors of those modules to update their minimatch
dependency (or better yet you can send a PR for it yourself).
same warning when running npm install .
@yash2code What error? The original post is regarding a warning. (comment has since been edited)
I have the same warning in each npm install, can be update minimatch globally the solution? just a theory, I'm new in node
I am installing Node for the first time, and a Google search of the error message I got when trying an install with npm brought me here. Same as topic. It is a fresh 4.4.7 install on an Ubuntu 14.04 droplet.
Estou tendo o mesmo problema também.
I'm getting below response while running npm ls minimatch
Mac-Pro:~ User$ npm ls minimatch /Users/Test └─┬ cordova@6.2.0 ├─┬ cordova-common@1.3.0 │ └── minimatch@3.0.2 └─┬ cordova-lib@6.2.0 ├─┬ cordova-js@4.1.4 │ └─┬ browserify@10.1.3 │ └─┬ glob@4.5.3 │ └── minimatch@2.0.10 └─┬ npm@2.15.9 ├── minimatch@3.0.0 └─┬ node-gyp@3.4.0 └── minimatch@3.0.2
Please help.
Same exact problem. If I wait a few minutes, the install will continue.
I'm having the same issue. For me browser-sync was requiring minimatch v2.0.10.
Luckily they already fixed it in: https://github.com/BrowserSync/browser-sync/commit/21edcc13edce9da344c06ff3f9885e6dea43f766
Please resolve this issue...
Same problem here.
If I run npm ls minimatch
I get the following; it means little to me, but hopefully might help someone resolve the problem...?
├─┬ chromedriver@2.21.2 │ └─┬ rimraf@2.5.3 │ └─┬ glob@7.0.5 │ └── minimatch@3.0.2 ├─┬ gulp@3.9.1 │ ├─┬ liftoff@2.2.4 │ │ └─┬ findup-sync@0.3.0 │ │ └─┬ glob@5.0.15 │ │ └── minimatch@3.0.2 │ └─┬ vinyl-fs@0.3.14 │ ├─┬ glob-stream@3.1.18 │ │ └── minimatch@2.0.10 │ └─┬ glob-watcher@0.0.6 │ └─┬ gaze@0.5.2 │ └─┬ globule@0.1.0 │ └── minimatch@0.2.14 ├─┬ gulp-sass@2.3.2 │ └─┬ node-sass@3.8.0 │ ├─┬ gaze@1.1.0 │ │ └─┬ globule@1.0.0 │ │ └── minimatch@3.0.2 │ ├─┬ glob@7.0.5 │ │ └── minimatch@3.0.2 │ └─┬ node-gyp@3.4.0 │ └── minimatch@3.0.2 ├─┬ jasmine@2.4.1 │ └─┬ glob@3.2.11 │ └── minimatch@0.3.0 ├─┬ karma@0.12.37 │ ├─┬ chokidar@1.6.0 │ │ ├─┬ fsevents@1.0.12 │ │ │ ├─┬ fstream-ignore@1.0.3 │ │ │ │ └── minimatch@3.0.0 │ │ │ └─┬ rimraf@2.5.2 │ │ │ └─┬ glob@7.0.3 │ │ │ └── minimatch@3.0.0 │ │ └─┬ readdirp@2.1.0 │ │ └── minimatch@3.0.2 │ ├── minimatch@2.0.10 │ └─┬ rimraf@2.5.3 │ └─┬ glob@7.0.5 │ └── minimatch@3.0.2 ├─┬ phantomjs@1.9.20 │ └─┬ fs-extra@0.26.7 │ └─┬ rimraf@2.5.3 │ └─┬ glob@7.0.5 │ └── minimatch@3.0.2 ├─┬ replace@0.3.0 │ └── minimatch@0.2.14 └─┬ selenium-webdriver@2.53.3 └─┬ rimraf@2.5.3 └─┬ glob@7.0.5 └── minimatch@3.0.2
Cordova-JS has a dependency on an older version of Browserify that uses the older versions of Mimimatch. I put in a JIRA ticket for Cordova-JS to fix this, hopefully it is fixed quickly.
I'm having the same issue. When I run npm ls minimatch
, I get this
└── (empty)
npm ERR! code 1
I got same issue. But then i ran command 'npm cordova -v' to check its installed or not, and yes it was installed. I had same issue while installing phonegap, but then i found that its instaled too. Can you check in your workspace.
@Lincolnerson by running command 'npm cordova -v', you are getting npm version... not cordova... please cross check.
Yes, agree with you. Made a mistake. But have you checked that cordova installed or not. Let me know if i have misunderstand any thing. I am new for this.
Yes i have checked... it is not getting installed
This is what i had while trying to install phonegap:
$ npm install -g phonegap@latest npm WARN deprecated lodash@1.0.2: lodash@<3.0.0 is no longer maintained. Upgrade to lodash@^4.0.0. npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue npm WARN deprecated graceful-fs@3.0.8: graceful-fs v3.0.0 and before will fail o n node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible . Use 'npm ls graceful-fs' to find it in the tree. npm WARN deprecated graceful-fs@1.2.3: graceful-fs v3.0.0 and before will fail o n node releases >= v7.0. Please update to graceful-fs@^4.0.0 as soon as possible . Use 'npm ls graceful-fs' to find it in the tree. npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue C:\Users\Administrator\AppData\Roaming\npm\phonegap -> C:\Users\Administrator\Ap pData\Roaming\npm\node_modules\phonegap\bin\phonegap.js phonegap@6.2.9 C:\Users\Administrator\AppData\Roaming\npm\node_modules\phonegap ├── pluralize@0.0.4 ├── opener@1.4.1 ├── colors@0.6.0-1 ├── semver@1.1.0 ├── minimist@0.1.0 ├── qrcode-terminal@0.9.4 ├── shelljs@0.1.4 ├── update-notifier@0.6.3 (is-npm@1.0.0, semver-diff@2.1.0, configstore@2.0.0, c halk@1.1.3, boxen@0.3.1, latest-version@2.0.0) ├── prompt@0.2.11 (revalidator@0.1.8, pkginfo@0.4.0, read@1.0.7, winston@0.6.2, utile@0.2.1) ├── phonegap-build@0.10.0 (colors@0.6.2, qrcode-terminal@0.8.0, shelljs@0.0.9, o ptimist@0.3.7, phonegap-build-api@0.4.0) ├── insight@0.8.2 (object-assign@4.1.0, async@1.5.2, tough-cookie@2.2.2, node-uu id@1.4.7, lodash.debounce@3.1.1, chalk@1.1.3, configstore@1.4.0, os-name@1.0.3, request@2.73.0, inquirer@0.10.1) ├── connect-phonegap@0.21.7 (home-dir@0.1.2, ip@0.3.1, connect-inject@0.3.2, adm -zip@0.4.7, walkdir@0.0.8, shelljs@0.2.6, request-progress@0.3.1, http-proxy@1.8 .1, useragent@2.0.8, localtunnel@1.3.0, node-static@0.7.0, gaze@0.4.3, tar@0.1.1 9, request@2.33.0, socket.io@1.4.6, archiver@0.14.3, connect@2.12.0) └── cordova@6.1.1 (underscore@1.7.0, q@1.0.1, ansi@0.3.1, nopt@3.0.1, update-not ifier@0.5.0, cordova-common@1.3.0, cordova-lib@6.1.1)
######################################################################## -> then i ran following commands: npm update minimatch@3.0.2 npm update lodash@3.0.0 npm update graceful@3.0.0
######################################################################## -> then installed cordova npm install -g cordova
######################################################################## -> isntalled phonegap npm install -g phonegap@latest
######################################################################## After all this i have checked both installed or not and i am following result: $ phonegap (node:7528) fs: re-evaluating native module sources is not supported. If you are using the graceful-fs module, please update it to a more recent version.
How you use PhoneGap provides us with important data that we can use to make our products better. Please read our privacy policy for more information on the data we collect. http://www.adobe.com/privacy.html
Analytics is off.
If you would like to turn analytics on, simply run phonegap analytics on
Usage: phonegap [options] [commands]
Description:
PhoneGap command-line tool.
Commands:
help [command] output usage information
create
Additional Commands:
local [command] development on local system
remote [command] development in cloud with phonegap/build
prepare
Options:
-d, --verbose allow verbose output -v, --version output version number -h, --help output usage information --no-update-notifier disable update notifier, to opt-out of update-notifier change the 'optOut' property to 'true' in ~/.config/configstore/update-notifier-phonegap.yml
Examples:
$ phonegap help create $ phonegap create path/to/my-app $ cd my-app/ $ phonegap run ios $ phonegap analytics on
######################################################################## $ cordova
You have been opted out of telemetry. To change this, run: cordova telemetry on. Synopsis
cordova command [options]
Global Commands create ............................. Create a project help ............................... Get help for a command telemetry .......................... Turn telemetry collection on or off
Project Commands info ............................... Generate project information requirements ....................... Checks and print out all the requirements for platforms specified
platform ........................... Manage project platforms
plugin ............................. Manage project plugins
prepare ............................ Copy files into platform(s) for building
compile ............................ Build platform(s)
clean .............................. Cleanup project from build artifacts
run ................................ Run project
(including prepare && compile)
serve .............................. Run project with a local webserver
(including prepare)
Learn more about command options using 'cordova help
Aliases build -> cordova prepare && cordova compile emulate -> cordova run --emulator
Options -v, --version ...................... prints out this utility's version -d, --verbose ...................... debug mode produces verbose log output for all activity, --no-update-notifier ............... disables check for CLI updates --nohooks .......................... suppress executing hooks (taking RegExp hook patterns as parameters)
Examples cordova create myApp org.apache.cordova.myApp myApp cordova plugin add cordova-plugin-camera --save cordova platform add android --save cordova requirements android cordova build android --verbose cordova run android cordova build android --release -- --keystore="..\android.keystore" --storePassword=android --alias=mykey
I got the same error.
[root@localhost leaflet-1.0.0-rc.1]# npm install -g jake
npm WARN deprecated minimatch@0.2.14: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated minimatch@0.3.0: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
/opt/node-v6.3.0-linux-x64/bin/jake -> /opt/node-v6.3.0-linux-x64/lib/node_modules/jake/bin/cli.js
/opt/node-v6.3.0-linux-x64/lib
└─┬ jake@8.0.12
├── async@0.9.2
├─┬ chalk@0.4.0
│ ├── ansi-styles@1.0.0
│ ├── has-color@0.1.7
│ └── strip-ansi@0.1.1
├─┬ filelist@0.0.4
│ ├── minimatch@0.3.0
│ └── utilities@0.0.37
├─┬ minimatch@0.2.14
│ ├── lru-cache@2.7.3
│ └── sigmund@1.0.1
└── utilities@1.0.4
[root@localhost leaflet-1.0.0-rc.1]# npm -v
3.10.3
[root@localhost leaflet-1.0.0-rc.1]# node -v
v6.3.0
[root@localhost leaflet-1.0.0-rc.1]# npm ls minimatch
leaflet@1.0.0-rc.1 /opt/leaflet-1.0.0-rc.1
└── (empty)
@luannnh I think you mean to do npm ls -g minimatch
?
@KenanY:
Actually, I'm trying to install Leaflet npm install -g jake
and I got the same error npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
Developers please help asap... most of the people are facing this issue... My bad... I'm unable to proceed...
@luannnh Sorry, I was referring to npm ls minimatch
returning "(empty)". Anyways I don't see an error in your output, what you are seeing is a warning, which shouldn't interfere with installation (although of course it is generally a good idea to resolve a warning).
Just type in "npm install -g minimatch@3.0.2" (Without the quotes). That will do
Thanks Anurag its working
No, it's not working @boyzxshakil. The warning shows up again when you come to install cordova.
I have the same problem
I had this problem and solved by typing following command:
npm install -g npm
The command basically will update your npm
and hope it will solve your problem too. :)
@itskawsar It didn't work for me. I even ran sudo npm cache clean -f
just in case. I'm still seeing the same error.
Thanks Anurag, worked for me. ;)
Didn't work for me :( I'm getting npm ERR! argv, errno-4058, etc
Thanks Anurag!!!!! updated minimatch.......
Far as I understand this warning message means that the module you want to install does not use an updated version of minimatch, completely dependent on developers, in my case it happened installing browsersync, but like I say it was only a warning.
I tried as @Anurag0502 's instruction,
$ npm install -g minimatch@3.0.2
minimatch@3.0.2 /Users/.../.nvm/versions/node/v4.4.7/lib/node_modules/minimatch └── brace-expansion@1.1.6 (balanced-match@0.4.2, concat-map@0.0.1)
then
$ npm -v minimatch
2.15.8
next
$ hexo init dumpling001.github.io
INFO Cloning hexo-starter to ~/Public/dumpling001.github.io fatal: destination path '/Users/.../Public/dumpling001.github.io' already exists and is not an empty directory. WARN git clone failed. Copying data instead INFO Install dependencies INFO Start blogging with Hexo!
The WARNING disappeared.
@chipbk10 I just follow the Anurag instruction and its work . you may uninstall npm then install it again . hope that will work .
This is what I get: npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue npm WARN install:q ENOENT: no such file or directory, rename 'C:\Users\asafc\AppData\Roaming\npm\node_modules\cordova\node_modules\cordova-fetch\node_modules\q' -> 'C:\Users\asafc\AppData\Roaming\npm\node_modules\cordova\node_modules\cordova-fetch\node_modules\q' q@1.4.1 node_modules\cordova\node_modules\cordova-fetch\node_modules\q -> node_modules\cordova\node_modules\cordova-fetch\node_modules\q
npm ERR! code 1 C:\Users\asafc\Documents\GitHub\Winnerz-App> npm ls minimatch WinnerZ@ C:\Users\asafc\Documents\GitHub\Winnerz-App └─┬ rimraf@2.5.2 └─┬ glob@7.0.3 └── minimatch@3.0.0
I tried Anurag solution and it didn't work :(
Anyone???
same issue
npm install -g cordova ionic
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
waiting for solution i need to work on cordova,
please anyone can provide solution for this as soon as possible , i have deadline to meet
Thanks Anurag its helped me.
Hello Ankit, Solution listed above by Anurag "npm install -g minimatch@3.0.2" should work for you
@Sundeep
Thanks that worked
Thanks @itskawsar! I was trying to install jsHint
I had this problem and solved by typing following command: npm install -g npm
The command basically will update your npm and hope it will solve your problem too. :)
worked for me! cheers
Guys, all you're doing when you issue npm -v minimatch
is reporting back the version of NPM that's installed.
If you want to determine what version of a specific package is installed, you need to issue:
npm view minimatch version
To update to the most recent version of minimatch, issue:
npm update -g minimatch
I wanted to update cordova and got the same error, tried all the above and it didn't work the only thing that worked for me was updating everything (all global packages)
npm update -g
which also updated cordova for me more here updating-global-packages
this happened when i was trying to install ionic
Hi guys, if you want a solution:
unnistall al deprecated errors, as npm unnistall -g minimatch lodash cross-spawn-async etc... then go to CCleaner tool and clean "Registry" with all checkboxes. Finally use the same comand, but change unninstall -> install
Pls stop repeating it's worked, it's bcs they updated and it doesn't fails anymore.
Follow this steps please, this should works:
npm uninstall -g npm-check-updates
npm install -g npm-check-updates
npm cache clean
npm install readable-stream -g
npm uninstall cordova
npm uninstall cordova -g
npm cache clean
npm install -g cordova
I'm opening this issue because:
What's going wrong?
I'm getting above warning while installing cordova. How I can resolve it?
How can the CLI team reproduce the problem?
When I'm running command "$npm install -g cordova", I'm getting below warning :
npm WARN deprecated minimatch@2.0.10: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue npm WARN checkPermissions Missing write access to /Users/test/npm/lib/node_modules/cordova npm WARN checkPermissions Missing write access to /Users/test/npm/lib/node_modules
And Below errors : npm ERR! Please try running this command again as root/Administrator. npm ERR! Please include the following file with any support request: npm ERR! /Users/SIPL218/npm-debug.log
supporting information:
I'm using latest version :
npm -v
prints: 3.10.3node -v
prints: v6.3.0npm config get registry
prints: https://registry.npmjs.org/