Hello Guys,
I’m reading the ebook Programming Phoenix 1.4 and in the subchapter “Phoenix LiveView” of the chapter “What’s Next?” I cloned the Phoenix LiveView Example.
So I made the steps for run and when I run the npm install. I have a warning for fix the npm audit.
So I try to fix like recommend the steps and with --force.
But it complains for 1 vulnerability.
$ npm audit
=== npm audit security report ===
┌──────────────────────────────────────────────────────────────────────────────┐
│ Manual Review │
│ Some vulnerabilities require your attention to resolve │
│ │
│ Visit https://go.npm.me/audit-guide for additional guidance │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High │ Arbitrary File Overwrite │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package │ tar │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in │ >=2.2.2 <3.0.0 || >=4.4.2 │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ webpack [dev] │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path │ webpack > watchpack > chokidar > fsevents > node-pre-gyp > │
│ │ tar │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info │ https://npmjs.com/advisories/803 │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 high severity vulnerability in 6579 scanned packages
1 vulnerability requires manual review. See the full report for details.
But also I wouldn‘t worry about it too much. For production app you won‘t be running node, webpack or this tar package. The scripts will be compiled to 1 JS file and served statically.
I tried to do like you told me. But I made a mistake, so rather than put npm update.
I put to run run npm instal and I get this error:
npm install
npm ERR! code ETARGET
npm ERR! notarget No matching version found for babel-core@^7.0.0.
npm ERR! notarget In most cases you or one of your dependencies are requesting
npm ERR! notarget a package version that doesn't exist.
npm ERR! A complete log of this run can be found in:
npm ERR! /Users/romenigld/.npm/_logs/2019-12-06T11_50_08_131Z-debug.log
So I was seeking for update this and what I do was:
$ npm install --save-dev @babel/core @babel/preset-env
npm WARN assets No description
+ @babel/preset-env@7.7.4
+ @babel/core@7.7.4
added 115 packages from 35 contributors and audited 8924 packages in 11.732s
found 0 vulnerabilities
$ npm install
npm WARN assets No description
audited 8924 packages in 5.238s
found 0 vulnerabilities
Sorry, I tried right now for check if the updates run the app nice.
And it wasn’t good thing update this babel core.
Now when I try to run the server the app with LiveView don’t work correctly and it complains for this:
$ iex -S mix phx.server
Erlang/OTP 21 [erts-10.1.1] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [hipe]
[info] Running DemoWeb.Endpoint with cowboy 2.7.0 at 0.0.0.0:4000 (http)
[info] Access DemoWeb.Endpoint at http://localhost:4000
Interactive Elixir (1.9.2) - press Ctrl+C to exit (type h() ENTER for help)
iex(1)>
webpack is watching the files…
1 module
ERROR in ./js/app.js
Module build failed (from ./node_modules/babel-loader/lib/index.js):
TypeError: /Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/js/app.js: Cannot read property 'bindings' of null
at Scope.moveBindingTo (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/scope/index.js:822:13)
at BlockScoping.updateScopeInfo (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/babel-plugin-transform-es2015-block-scoping/lib/index.js:364:17)
at BlockScoping.run (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/babel-plugin-transform-es2015-block-scoping/lib/index.js:330:12)
at PluginPass.BlockStatementSwitchStatementProgram (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/babel-plugin-transform-es2015-block-scoping/lib/index.js:70:24)
at newFn (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/visitors.js:179:21)
at NodePath._call (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/path/context.js:55:20)
at NodePath.call (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/path/context.js:42:17)
at NodePath.visit (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/path/context.js:90:31)
at TraversalContext.visitQueue (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/context.js:112:16)
at TraversalContext.visitSingle (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/context.js:84:19)
at TraversalContext.visit (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/context.js:140:19)
at Function.traverse.node (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/index.js:84:17)
at traverse (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/traverse/lib/index.js:66:12)
at transformFile (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/core/lib/transformation/index.js:119:29)
at runSync (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/core/lib/transformation/index.js:48:5)
at runAsync (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/core/lib/transformation/index.js:35:14)
at process.nextTick (/Users/romenigld/workspace/phoenix/Programming Phoenix 1.4/phoenix_live_view_example/assets/node_modules/@babel/core/lib/transform.js:34:34)
at process._tickCallback (internal/process/next_tick.js:61:11)
[debug] Live reload: priv/static/js/app.js
[debug] Live reload: priv/static/images/phoenix.png
[info] GET /
[debug] Processing with DemoWeb.PageController.index/2
Parameters: %{"location" => "Donostia"}
Now for rollback it just needed to put the other version and npm update?
Thank you for reply @kokolegorille, but I was thinking it’s a lot of things to do.
An maybe it will be better if anyone can do a pull request for this project and everybody can update by git or download?