I have built a test NextJS app, called njs-voice-rcd using these commands:
% npx create-next-app@latest
.....
% cd njs-voice-rcd
% npm i mongoose
From this point on, I am having issues trying to install multer and multer-gridfs-storage.
I tried several approaches but none is working. There are always version conflicts somewhere.
I hope some with a better knowledge of the GridFS packages will be able to provide some pieces of advice.
1) I tried to install multer first and then multer-gridfs-storage.
% npm i multer
added 17 packages, and audited 391 packages in 1s
134 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
%
% npm i multer-gridfs-storage
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: njs-voice-rcd-2@0.1.0
npm ERR! Found: multer@1.4.5-lts.1
npm ERR! node_modules/multer
npm ERR! multer@"^1.4.5-lts.1" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer multer@"^1.4.2" from multer-gridfs-storage@5.0.2
npm ERR! node_modules/multer-gridfs-storage
npm ERR! multer-gridfs-storage@"*" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See /Users/me/.npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/me/.npm/_logs/2023-08-04T07_47_41_122Z-debug-0.log
%
% grep multer package.json
"multer": "^1.4.5-lts.1",
%
2) I also tried to install multer-gridfs-storage first.
% npm i multer-gridfs-storage
npm WARN deprecated @types/bson@4.2.0: This is a stub types definition. bson provides its own type definitions, so you do not need this installed.
npm WARN deprecated multer@1.4.4: Multer 1.x is affected by CVE-2022-24434. This is fixed in v1.4.4-lts.1 which drops support for versions of Node.js before 6. Please upgrade to at least Node.js 6 and version 1.4.4-lts.1 of Multer. If you need support for older versions of Node.js, we are open to accepting patches that would fix the CVE on the main 1.x release line, whilst maintaining compatibility with Node.js 0.10.
added 50 packages, and audited 424 packages in 4s
134 packages are looking for funding
run `npm fund` for details
4 high severity vulnerabilities
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
%
As one can see in either cases there are problems.
Is there any good way to handle this situation?
