Node.js: a node module's dependencies are not updated after update or install?


I want to use react-highcharts in my application. I ran npm install react-highcharts, which succeeded with a warning:

found 1 high severity vulnerability, run `npm audit fix` to fix them, or `npm audit` for details.

npm audit fix did nothing; it said I had to fix the problem manually. I ran npm audit to see what was going on and got:

                       === npm audit security report ===

┌──────────────────────────────────────────────────────────────────────────────┐
│                                Manual Review                                 │
│            Some vulnerabilities require your attention to resolve            │
│                                                                              │
│         Visit https://go.npm.me/audit-guide for additional guidance          │
└──────────────────────────────────────────────────────────────────────────────┘
┌───────────────┬──────────────────────────────────────────────────────────────┐
│ High          │ Cross-Site Scripting                                         │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Package       │ highcharts                                                   │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Patched in    │ >=7.2.2 <8.0.0 || >=8.1.1                                    │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Dependency of │ react-highcharts                                             │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ Path          │ react-highcharts > highcharts                                │
├───────────────┼──────────────────────────────────────────────────────────────┤
│ More info     │ https://npmjs.com/advisories/1227                            │
└───────────────┴──────────────────────────────────────────────────────────────┘
found 1 high severity vulnerability in 994 scanned packages
  1 vulnerability requires manual review. See the full report for details.

That would be fine if it ended there, but look:

❯ npm list highcharts
myproj@1.0.0 /Users/actinidia/myproj
└─┬ react-highcharts@16.1.0
  └── highcharts@6.2.0

I still have highcharts@6.2.0! Running npm install highcharts only gets me a second copy of highcharts, even though the new one is in fact version 9.0.0:

├── highcharts@9.0.0
└─┬ react-highcharts@16.1.0
  └── highcharts@6.2.0

How do I update the dependency that react-highcharts will use?

You should uninstall highcharts first and then reinstall it:

npm uninstall react-highcharts
npm install react-highcharts

Delete what is installed: node_modules and package-lock.json
Modify package.json as shown below
npm audit fix --force
npm install

I followed that and installed the officially supported Highcharts wrapper. It was easy:

❯ npm install highcharts-react-official
npm WARN highcharts-react-official@3.0.0 requires a peer of highcharts@>=6.0.0
but none is installed. You must install peer dependencies yourself.

+ highcharts-react-official@3.0.0
added 1 package and audited 992 packages in 4.48s

❯ npm install highcharts
+ highcharts@9.0.0
added 1 package from 1 contributor and audited 993 packages in 4.978s
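
A check for the situation in this thread, as an added example that is not part of the original posts: it walks a dependency tree in the nested `dependencies` shape that `npm ls --json` prints, lists every installed copy of a package, and tests each against the patched range quoted in the audit report. The names `PATCHED`, `isPatched`, `findCopies` and `sampleTree` are assumptions made for this example, and the sample tree is constructed to mirror the `npm list highcharts` output in the question.

```javascript
// Patched range copied from the audit report: >=7.2.2 <8.0.0 || >=8.1.1
const PATCHED = [
  { min: [7, 2, 2], below: [8, 0, 0] },
  { min: [8, 1, 1], below: null },
];

// Compare plain x.y.z versions; pre-release tags after "-" are ignored.
const parse = (v) => v.split('-')[0].split('.').map(Number);
const cmp = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

function isPatched(version) {
  const v = parse(version);
  return PATCHED.some(
    (r) => cmp(v, r.min) >= 0 && (!r.below || cmp(v, r.below) < 0)
  );
}

// Walk the nested `dependencies` objects and record every copy of `name`,
// including copies nested under another package.
function findCopies(node, name, path = [], out = []) {
  for (const [dep, info] of Object.entries(node.dependencies || {})) {
    const here = [...path, dep];
    if (dep === name && info.version) {
      out.push({
        path: here.join(' > '),
        version: info.version,
        patched: isPatched(info.version),
      });
    }
    findCopies(info, name, here, out);
  }
  return out;
}

// Constructed sample: the two-copy tree shown in the question.
const sampleTree = {
  name: 'myproj',
  version: '1.0.0',
  dependencies: {
    highcharts: { version: '9.0.0' },
    'react-highcharts': {
      version: '16.1.0',
      dependencies: { highcharts: { version: '6.2.0' } },
    },
  },
};

for (const c of findCopies(sampleTree, 'highcharts')) {
  console.log(`${c.patched ? 'ok        ' : 'VULNERABLE'} ${c.version}  ${c.path}`);
}
```

On a real project, pass the parsed output of `npm ls --json` in place of `sampleTree`; a top-level install of a fixed version does not clear the finding while a nested copy outside the patched range is still listed.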

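That will produce two copies of highcharts (9.0.0 and 6.2.0); see the bottom of my post for what I mean.

Then you should modify the package.json file so that it does not include highcharts, and run npm install with the force option.

Hi @actinidia, I suggest you use the officially supported Highcharts wrapper.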