Found 1 high severity vulnerability (Angular Material installation)

Time: 2019-05-03 09:31:51

Tags: angular installation angular-material

I tried to install Angular Material using npm install @angular/material --save, but the result was:

npm WARN @angular/material@7.3.7 requires a peer of @angular/cdk@7.3.7 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.9 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.9: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

+ @angular/material@7.3.7
updated 1 package and audited 42613 packages in 16.398s
found 1 high severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details

I also tried npm audit fix and got the following result:

npm WARN @angular/material@7.3.7 requires a peer of @angular/cdk@7.3.7 but none is installed. You must install peer dependencies yourself.
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.9 (node_modules\fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.9: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})

up to date in 7.989s
fixed 0 of 1 vulnerability in 42613 scanned packages
  1 vulnerability required manual review and could not be updated

Then I tried npm audit, and the result was as follows:

                       === npm audit security report ===


                                 Manual Review
             Some vulnerabilities require your attention to resolve

          Visit https://go.npm.me/audit-guide for additional guidance


  High            Arbitrary File Overwrite

  Package         tar

  Patched in      >=4.4.2

  Dependency of   @angular-devkit/build-angular [dev]

  Path            @angular-devkit/build-angular > node-sass > node-gyp > tar

  More info       https://nodesecurity.io/advisories/803

found 1 high severity vulnerability in 42613 scanned packages
  1 vulnerability requires manual review. See the full report for details.

Why does this error occur, and how can I fix it?

1 answer:

Answer 0: (score: 2)

A new version of tar has been released. npm/node-tar#212 (comment)

Delete the node_modules folder and package-lock.json, then run the following commands:

  1. npm install
  2. npm audit
  3. npm audit fix
  4. npm audit
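
After the reinstall, the regenerated package-lock.json can be checked directly for copies of tar older than the "Patched in" version from the audit report. The following is an added example, not part of the original answer: it assumes the npm 6 lockfile layout (lockfileVersion 1, nested "dependencies" objects), the function names are hypothetical, and the sample lockfile is constructed. The printed path is the install nesting in the lockfile, which can be shorter than the logical path npm audit shows.

```javascript
// Added example: find every installed copy of a package in an npm lockfile
// (lockfileVersion 1 layout: nested "dependencies" objects) and compare it
// with the patched version from the audit report.

// Compare plain x.y.z versions; prerelease tags are ignored (assumption).
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Walk the lockfile tree and collect every copy of `name` with its install path.
function findCopies(lock, name, patched) {
  const hits = [];
  const walk = (deps, trail) => {
    for (const [dep, info] of Object.entries(deps || {})) {
      const here = trail.concat(dep);
      if (dep === name) {
        hits.push({
          path: here.join(' > '),
          version: info.version,
          dev: Boolean(info.dev),
          patched: compareVersions(info.version, patched) >= 0,
        });
      }
      walk(info.dependencies, here);
    }
  };
  walk(lock.dependencies, []);
  return hits;
}

// Constructed sample lockfile, not taken from the question's project.
const sampleLock = {
  lockfileVersion: 1,
  dependencies: {
    'node-gyp': {
      version: '3.8.0', dev: true,
      dependencies: { tar: { version: '2.2.1', dev: true } },
    },
    tar: { version: '4.4.8', dev: true },
  },
};

const report = findCopies(sampleLock, 'tar', '4.4.2');
for (const r of report) console.log(r.patched ? 'ok  ' : 'FLAG', r.version, r.path);
```

To run it against a real project, pass the parsed contents of that project's package-lock.json to findCopies in place of sampleLock.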