1

I am trying to install packages and it is throwing this error:

 sudo npm i @sentry/node

up to date, audited 1331 packages in 3s

77 packages are looking for funding
  run `npm fund` for details

11 vulnerabilities (2 low, 9 high)

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

Earlier for a fix, I tried running npm audit fix --force and then after that, this issue came up.

I tried to fix the issue by reinstalling the packages but it again shows that packages are installed and updated however it is not so.

Binayak
  • 31
  • 6

1 Answers1

0

So, good news, you've actually installed it!

Bad news: The library has vulnerabilities bad enough you shouldn't want to use it. This often happens with libraries that become dormant. The suggestion from npm is that you almost certainly don't want to use this library, and almost certainly not on a public server.

Here's a similar answer (github issue):

The error message you are seeing when running npm audit fix means that some security updates are incompatible with the project's package.json.

...

The application might work even though npm warns about security issues. Of course, it is not advisable to use an application that contains known security flaws. Ideally, you or the owner of the repository should manually upgrade all dependencies to the most recent (major) versions and then commit the updated package.json and package-lock.json files.

ruffin
  • 16,507
  • 9
  • 88
  • 138