我在修复EXPO Reaction原生项目中的漏洞时遇到了问题. 这是一款正在开发的 react native 应用程序.
我一直收到这个;
up to date, audited 1375 packages in 1m
73 packages are looking for funding
run `npm fund` for details
18 vulnerabilities (10 moderate, 8 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
这是我的package.json
份档案;
{
"name": "eudio",
"version": "1.0.0",
"main": "node_modules/expo/AppEntry.js",
"scripts": {
"start": "expo start",
"android": "expo start --android",
"ios": "expo start --ios",
"web": "expo start --web"
},
"dependencies": {
"@expo/vector-icons": "^13.0.0",
"@react-native-community/masked-view": "^0.1.11",
"@react-navigation/drawer": "^6.5.8",
"@react-navigation/native": "*",
"@react-navigation/native-stack": "*",
"expo": "^47.0.9",
"expo-constants": "~14.0.2",
"expo-contacts": "~11.0.1",
"expo-file-system": "~15.1.1",
"expo-font": "~11.0.1",
"expo-location": "~15.0.1",
"expo-sms": "~11.0.0",
"expo-speech": "~11.0.0",
"expo-status-bar": "~1.4.2",
"firebase": "^9.16.0",
"from": "^0.1.7",
"native": "^0.3.3",
"react": "18.1.0",
"react-native": "0.70.8",
"react-native-elements": "^3.4.3",
"react-native-gesture-handler": "~2.8.0",
"react-native-google-places-autocomplete": "*",
"react-native-maps": "1.3.2",
"react-native-maps-directions": "^1.9.0",
"react-native-paper": "4.9.2",
"react-native-reanimated": "~2.12.0",
"react-native-safe-area-context": "4.4.1",
"react-native-screens": "~3.18.0",
"react-native-sha256": "^1.4.9",
"react-native-svg": "13.4.0",
"react-navigation": "^4.4.4",
"reanimated-bottom-sheet": "*"
},
"devDependencies": {
"@babel/core": "^7.12.9",
"react-native-dotenv": "^3.4.8"
},
"private": true
}
我try 了多种解决方案,例如;
npm audit
npm audit fix
npm audit fix --force
npm update
npm upgrade
npx remove-node-modules
npm install
npm install --check
我还try 手动修复依赖项,以使它们兼容,但无济于事. 在大多数情况下,错误只会变得更糟.
然而,通过跑npx expo-doctor
次,这就是结果;
$ npx expo-doctor
✔ Validating global prerequisites versions passed
✔ Checking for incompatible packages passed
✔ Checking for conflicting global packages in project passed
✔ Verifying prebuild support package versions are compatible passed
✔ Checking dependency versions for compatibility with the installed Expo SDK passed
✔ Validating Expo Config passed
✔ Checking package.json for common issues passed
Didn't find any issues with the project!
然而,依赖错误仍然存在.
我如何修复依赖关系?