Question
This Content is from Stack Overflow. Question asked by Ori Cohen
everytime i’m running npx create-react-app
, i’m having some issues and vulnerabilities.
I would love to get your help undersstanding what are those and how to fix,
C:Userscori2DesktopOriProjectsreact-web>npx create-react-app ./
Creating a new React app in C:Userscori2DesktopOriProjectsreact-web.
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts with cra-template...
added 1393 packages in 53s
203 packages are looking for funding
run `npm fund` for details
Initialized a git repository.
Installing template dependencies using npm...
npm WARN deprecated source-map-resolve@0.6.0: See https://github.com/lydell/source-map-
resolve#deprecated
added 52 packages in 6s
203 packages are looking for funding
run `npm fund` for details
Removing template package using npm...
removed 1 package, and audited 1445 packages in 2s
203 packages are looking for funding
run `npm fund` for details
6 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
Git commit not created Error: Command failed: git commit -m "Initialize project using
Create React App"
at checkExecSyncError (node:child_process:828:11)
at execSync (node:child_process:899:15)
at tryGitCommit (C:Userscori2DesktopOriProjectsreact-webnode_modulesreact-
scriptsscriptsinit.js:62:5)
at module.exports (C:Userscori2DesktopOriProjectsreact-webnode_modulesreact-
scriptsscriptsinit.js:350:25)
at [eval]:3:14
at Script.runInThisContext (node:vm:129:12)
at Object.runInThisContext (node:vm:305:38)
at node:internal/process/execution:76:19
at [eval]-wrapper:6:22 {
status: 128,
signal: null,
output: [ null, null, null ],
pid: 8200,
stdout: null,
stderr: null
}
Removing .git directory...
thank you in advanced
Solution
Create React App was created by Dan Abramov. He’s written an excellent article about the issues with npm audit in create-react-app. It’s a good read and I learned a lot about packages, npm audit and create-react-app.
https://overreacted.io/npm-audit-broken-by-design/
TL;DR
You can ignore these security vulnerabilities.
Answered by mjwils
This Question and Answer are collected from stackoverflow and tested by JTuto community, is licensed under the terms of CC BY-SA 4.0.