Parcel-Bundler is unable to resolve critical security issues

I recently followed a tutorial by Kevin Powell on SASS and Parcel through YouTube. I was able to successfully set up the SASS part and get the Parcel bundler working smoothly on one project, so everything seemed to be going well at that point.

However, today when I tried to create a new project and installed Parcel using 

npm install parcel-bundler --save-dev
, I encountered 2 high severity vulnerabilities. Despite running both npm audit fix and npm audit fix --force as recommended, I couldn't seem to resolve the issue.

The npm audit output is as follows:

npm audit report

node-forge  <=0.9.2
Severity: high
Prototype Pollution in node-forge - https://npmjs.com/advisories/1561
fix available via `npm audit fix --force`
Will install <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="047465766761682966716a6068617644352a">[email protected]</a>, which is a breaking change
node_modules/node-forge
  parcel-bundler  >=1.4.0
  Depends on vulnerable versions of node-forge
  node_modules/parcel-bundler

2 high severity vulnerabilities

To address all issues (including breaking changes), run:
  npm audit fix --force

Despite trying various solutions found online, I still couldn't fix the problem.

Even after conducting tests on both my PC and laptop—my main PC running Linux Mint 19.2 Cinnamon and the laptop operating on Windows 10—I consistently encountered the same 2 vulnerability issues. Is there any way to remedy this situation?

javascriptnpmbundler

Answer №1

I recently encountered the same issue and tried numerous solutions before finding one that worked.

npm add --dev parcel@next

Alternatively,

npm add --include=dev parcel@next

If these options do not work, you can also attempt:

npm install -D parcel@next

This version is 2.0.0-beta.1

In addition, I uninstalled NodeJS, removed users/{myName}/AppData/Roaming/npm directories, package.json, and node_modules.

Answer №2

Big thank you to @Stefan for the help!

Here's a brief rundown of the steps I took to get everything working smoothly:

I started fresh by removing all existing .json, node_modules, cache folders, and the dist folder that was supposed to hold the bundled code (html, css, etc.). This ensured I had a clean slate to begin with.

Next, I initialized npm:

npm init -y

Then I added 'Parcel' to the mix:

npm add --include=dev parcel@next

Any issues were promptly resolved by forcing the fix and ensuring there were no remaining problems:

npm audit fix --force

And now the magic happened...I simply ran Yarn and voilá, it worked like a charm!

yarn parcel index.html
  • npm version: 7.6.3
  • parcel version: 2.0.0-beta.1
  • yarn version: 1.22.5

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Error encountered: Denied access in AWS Transcription Node JS API

I have been working with the AWS transcription API in Node JS and my code looks like this: const tClient = new TranscribeClient({ region: "us-east-1", credentials: { accessKeyId: AWS_ID, secretAccessKey: SECRET, ...

javascriptnode.jsamazon-web-servicesamazon-transcribe

What is the correct process for submitting an HTML form following the loading of asynchronous data?

I've been searching high and low, but I can't seem to find the solution to my problem. I've scoured search engines and Stack Overflow with no luck. My dilemma is this: How can I trigger the submission of an HTML form only after asynchronous ...

javascripthtmlformsasynchronous

Regular expressions for intricate uppercase-lowercase situations

Looking for assistance with an app that converts text to braille formatting, specifically in handling uppercase letters. The rules are as follows: Add a ":" before a single uppercase letter. :This is an :Example Add another ":" before multiple upperc ...

javascriptregexuppercaselowercasebraille

Identifying Changes in Form Values Using jQuery

I am facing a challenge with a dynamic form that needs to detect the field sequence properly. Below is my JavaScript file: var i = 1; $("a.add-line").click(function(){ $("div.items").append( $('<div>').attr('id',&ap ...

javascriptjquery

The resizing of the window does not trigger any changes in the jQuery functions

Here is a snippet of jQuery code that executes one function when the window size is large (>=1024) and another when it is resized to be small. Although the console.logs behave as expected on resize, the functions themselves do not change. This means th ...

javascriptjquery

npm Error: Module 'timers/promises' Not Found

This inquiry is unique and separate from the following: 69062820 Error: Cannot locate module 'timers/promises 66859193 Module not found: Error: Unable to resolve 'timers' 50136805 Unable to find module 'timers' When executing any ...

node.jsnpm

Sequential execution not functioning properly in NodeJS Async series

Here is the code snippet I am working with: var async = require('async'); var rest = require('restler'); async.series([ function(callback){ rest.get('https://api.twitter.com/1.1/statuses/mentions_timeli ...

javascriptnode.jsasynchronousnpm

Incorporate a JavaScript library into a personalized JavaScript file that is utilized within my Angular2 project

Integrating Machine Learning into my Angular2 project using the "synaptic.js" JavaScript library is my goal. After executing the command npm install synaptic --save I intend to execute a custom javascript file (myJsFile.js): function myFunction() { v ...

javascriptnode.jsangulartypescriptsynaptic.js

What is the most effective way to loop and render elements within JSX?

Trying to achieve this functionality: import React from 'react'; export default class HelloWorld extends React.Component { public render(): JSX.Element { let elements = {"0": "aaaaa"}; return ( ...

javascriptreactjstypescript

Requesting data from a REST API using a nested query in a GET

After querying data from my MongoDB database, I am faced with the challenge of sending a GET request from the front end to meet this specific query. In my backend code, I retrieve the data using the following: const products = await Product.find({ &apo ...

javascriptdatabasemongodbrestmongoose

Fixing a div at the top post scroll - bug on iOS mobile device

I am looking to achieve a similar effect as demonstrated in the example below: https://css-tricks.com/scroll-fix-content/ Essentially, the goal is to have a div become fixed at the top of the page after scrolling to a certain point. Initially, the div wil ...

javascriptjqueryhtmlcss

Error TS2307: Module 'calculator' could not be located

Running a Sharepoint Framework project in Visual Studio Code: This is the project structure: https://i.stack.imgur.com/GAlsX.png The files are organized as follows: ComplexCalculator.ts export class ComplexCalculator { public sqr(v1: number): number ...

javascriptjsontypescriptgulpvisual-studio-code

picking out a particular set of data from a JSON document

I have a map of Europe along with a JSON file that displays the unemployment rate for each country in the year 2011. The JSON file also includes x and y elements, allowing me to place a blue circle on top of each country on the map. My goal is to be able ...

javascriptjqueryhtmlcssjson

Unveiling Angular library dependencies

Is there a way to conceal internal dependencies when developing an angular library? For example, during the development of my library, I added this dependency: yarn add moment-es6 However, I want to keep this as only an internal dependency and not impos ...

angularnpmangular-library

NodeJs: Transforming strings into UUID v4 efficiently

Suppose I have the following string: const input = '83e54feeeb444c7484b3c7a81b5ba2fd'; I want to transform it into a UUID v4 format as shown below: 83e54fee-eb44-4c74-84b3-c7a81b5ba2fd My current approach involves using a custom function: funct ...

javascriptnode.jsuuid

After compiling my project using npm run dev, Vue 3 throws an error

Hey there! I recently attempted to install the necessary dependencies for a Vue.JS app repository by running npm install. Subsequently, I launched the Vue.JS app using npm run dev. However, upon execution, an error popped up in the terminal: PS G:\ma ...

node.jsvue.jsnpmvite

Having trouble running a React project after cloning it from the repository

Just starting out with React and struggling to clone a functional React project. After cloning and navigating into the folder, I try to start with npm start but encounter the following error in my terminal: npm ERR! code ENOENT npm ERR! syscall open npm ...

node.jsreactjsnpm

How to Display Bootstrap4 Modal in VueJS without using Jquery

Is there a way to display a Bootstrap modal from a function in VueJS using vanilla JS? I am working on a project that only uses standard Bootstrap 4 and not BootstrapVue. //component.vue <template> <div> <button type="button" class ...

javascripttwitter-bootstrapvue.jsbootstrap-4bootstrap-modal

Tips for looping through each cell in a column of a DataTable to verify its content

I have a table generated using the jquery DataTables API. One of the columns displays word frequencies for each word in the table. If a frequency is less than 40, I want to change that cell to display "unranked" instead of the actual number. How can I ite ...

javascriptjquerydatatables

Unlocking two features with just a single tap

I am currently working on a website for a kiosk, where the site transitions like a photoslide between each section. To achieve this effect, I have added a layover/mask on the initial page. The layover/mask is removed using a mouse click function. This is ...

javascriptjqueryhtmlcss