Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

nom install后有异常 #3215

Closed
p2ng opened this issue Jul 27, 2018 · 3 comments
Closed

nom install后有异常 #3215

p2ng opened this issue Jul 27, 2018 · 3 comments
Labels

Comments

@p2ng
Copy link

p2ng commented Jul 27, 2018

Environment Info

Node version(node -v):
v10.7.0

Your site _config.yml (Optional):

Your theme _config.yml (Optional):

Hexo and Plugin version(npm ls --depth 0):
├── hexo@3.7.1
├── hexo-deployer-git@0.3.1
├── hexo-generator-archive@0.1.5
├── hexo-generator-category@0.1.3
├── hexo-generator-index@0.2.1
├── hexo-generator-tag@0.2.0
├── hexo-renderer-ejs@0.2.0
├── hexo-renderer-marked@0.2.11
├── hexo-renderer-stylus@0.3.3
├── hexo-server@0.2.2
└── hexo-wordcount@3.0.2

For BUG

  • nom install
> fsevents@1.2.4 install /Users/liangzp/Document/source/p2ng.github.io/node_modules/fsevents
> node install

[fsevents] Success: "/Users/liangzp/Document/source/p2ng.github.io/node_modules/fsevents/lib/binding/Release/node-v64-darwin-x64/fse.node" already installed
Pass --update-binary to reinstall or --build-from-source to recompile

> nunjucks@3.1.3 postinstall /Users/liangzp/Document/source/p2ng.github.io/node_modules/nunjucks
> node postinstall-build.js src

added 509 packages from 523 contributors and audited 2312 packages in 14.635s
found 1 low severity vulnerability
  run `npm audit fix` to fix them, or `npm audit` for details
  • nom audit

                       === npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ Low           │ Regular Expression Denial of Service                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ uglify-js                                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=2.6.0                                                      │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ hexo-deployer-git                                            │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ hexo-deployer-git > swig > uglify-js                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://nodesecurity.io/advisories/48                        │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 low severity vulnerability in 2312 scanned packages
  1 vulnerability requires manual review. See the full report for details.

For question

查看依赖hexo-deployer-gitswig但是node_modules里没有swig文件夹、只有swig-extrasswig-templates
查看node_modules里有uglify-js而且版本是v2.6.0;

For feature request

@stale
Copy link

stale bot commented Oct 10, 2018

This issue has been automatically marked as stale because lack of recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@yoshinorin
Copy link
Member

@p2ng
Thanks. I created PR to hexo-deployer-git repository.

@stale
Copy link

stale bot commented Dec 11, 2018

This issue has been automatically marked as stale because lack of recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Dec 11, 2018
@stale stale bot closed this as completed Dec 18, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

2 participants