Running "npx create-react-app my-app" fails caused by found vulnerability
See original GitHub issueIs this a bug report?
Yes
Did you try recovering your dependencies?
npm 6.0.1
Which terms did you search for in User Guide?
None, see issue description.
Environment
npx: installed 67 in 13.51s
Environment: OS: Windows 10 Node: 8.11.2 Yarn: Not Found npm: 6.0.1 Watchman: Not Found Xcode: N/A Android Studio: Version 3.0.0.0 AI-171.4443003
ERROR: package.json not found!
Steps to Reproduce
- Open a new cmd.exe / powershell.exe prompt as user or as local administrator.
- Run
npx create-react-app my-app
Expected Behavior
A basic react environment should be created.
Actual Behavior
npm install fails. Full output:
PS > npx create-react-app my-app
npx: installed 67 in 9.444s
Creating a new React app in C:\pathto\my-app.
Installing packages. This might take a couple of minutes.
Installing react, react-dom, and react-scripts...
The system cannot find the path specified.
> uglifyjs-webpack-plugin@0.4.6 postinstall C:\pathto\my-app\node_modules\uglifyjs-webpack-plug
in
> node lib/post_install.js
+ react-dom@16.3.2
+ react@16.3.2
+ react-scripts@1.1.4
added 1321 packages from 811 contributors in 224.148s
[!] 1 vulnerability found [14378 packages audited]
Severity: 1 Critical
Run `npm audit` for more detail
Aborting installation.
npm install --save --save-exact --loglevel error react react-dom react-scripts has failed.
Deleting generated file... node_modules
Deleting generated file... package.json
Done.
Reproducible Demo
Really just any Windows PC with the env. spec. I posted. Node + all NPM / Node folders on the system have been deleted and node re-installed (tested both: node v8.11.2 LTS and node 10 latest (v10.1.0)). Node cache was verified and force cleaned multiple times as well. I still get the same error.
Issue Analytics
- State:
- Created 5 years ago
- Comments:11 (6 by maintainers)
Top Results From Across the Web
96 vulnerabilities after running npx create-react-app ... - GitHub
node version 16.3.0 nom version 7.15.1 While executing the command npx create-react-app my-app, I am getting 96 vulnerabilities (85 moderate ...
Read more >npx create-react-app my-app fails because of vulnerability
After looking online, it seems like there is a problem with node.js v12.6.2 , x64, which causes the problem you are facing. If...
Read more >aborting installation create react app - You.com | The AI ...
I solved it by running: del -rf node_modules package-lock.json and npm cache clean --force on windows. Open side panel. npx create-react-app myapp doesn't ......
Read more >Create React App cannot create new applications: No longer ...
Sometimes, Create React App will produce an error when you try to create a new application using npx or npm init .
Read more >Why is the latest npx create-react-app my-app STILL showing ...
Why is the latest npx create-react-app my-app STILL showing high vulnerabilites after install ? ... It appears the culprit is react-scripts.. and ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
This looks resolved, postcss-filter-plugins removed uniqid dependency in their latest update and subsequently the audit check passes.
@bugzpodder thanks for the followup!