
hope that utf-8-validate will upgrade node-gyp-build dependency to a compatible version range , such as v4.8.1 #115

Closed
SKT1yang opened this issue Jul 23, 2024 · 4 comments

Comments

@SKT1yang

I am developing a Vue 3 project using vite:5.2.12. Vite depends on ws:8.13.0, and ws depends on utf-8-validate. With Node version 18.17.0, pnpm install works normally; with 20.14.0 or 22.3.0, installing the dependencies fails because the install script fails, that is, calling the node-gyp-build script fails.
The core issue is a version vulnerability in node spawn.
The direct reason is that the lower version of node-gyp-build used spawn without adding a shell parameter. Its latest version has fixed the issue, so I hope that utf-8-validate will upgrade the dependency range to a compatible version range, such as v4.8.1. Currently, a large number of Vite ecosystem libraries have problems on Node 20 and above, such as Vitest, etc.

@Antelope-IT

I've just encountered the same problem trying to upgrade from [email protected] -> 6.0.4 on a Windows based project. It would appear from the error message to be related to this issue with node-gyp-build.

The issue is not only limited to Vite ecosystems but any project building on Windows using node 20 and above.

The solution, indeed, would appear to be as simple as upgrading the node-gyp-build dependency of the utf-8-validate project to v4.8.1.

@lpinca
Member

lpinca commented Jul 27, 2024

The version range already includes v4.8.1, see

"node-gyp-build": "^4.3.0"

Update your lock file. See also #114.

@lpinca lpinca closed this as completed Jul 27, 2024
@SKT1yang
Author

SKT1yang commented Aug 5, 2024

The version range already includes v4.8.1, see

"node-gyp-build": "^4.3.0"

Update your lock file. See also #114.

Thank you for your reply, but modifying the lock file does not seem to be a good solution, for example, many of our projects do not lock versions. My question is, if it is possible to update the version to the latest fully compatible version, users do not need to modify the lock file separately. Is there any other consideration in it?

@SKT1yang
Author

SKT1yang commented Aug 5, 2024


We have found the reason: we are in an offline environment, and the npm source is a private registry built by ourselves. The latest node-gyp-build version on the private registry is 4.6.0, so it has not been working.
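The two findings above (the package.json range "^4.3.0" already admits 4.8.1, yet a stale lock file or a private registry that only carries 4.6.0 still resolves an older node-gyp-build) can be checked mechanically. The following is an added example, not code from the ws or utf-8-validate projects; it assumes an npm package-lock.json with lockfileVersion 2 or 3 and a constructed lock fragment that mirrors this thread.

```javascript
// Added example: verify which node-gyp-build version a lockfile really resolves.
// Assumes a package-lock.json (lockfileVersion 2/3) whose "packages" map keys
// are install paths such as "node_modules/node-gyp-build".
const FIXED_VERSION = '4.8.1'; // version the thread identifies as carrying the fix

// Parse "major.minor.patch" into numbers (pre-release tags are ignored).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  if (!m) throw new Error(`not a semver version: ${v}`);
  return m.slice(1).map(Number);
}

// Returns -1, 0 or 1 comparing major.minor.patch numerically.
function compareVersions(a, b) {
  const [pa, pb] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  return 0;
}

// Caret range check for majors > 0: ^X.Y.Z means >=X.Y.Z and <(X+1).0.0.
// This is enough to show that "^4.3.0" admits 4.8.1 but not 5.0.0.
function satisfiesCaret(range, version) {
  const base = range.replace(/^\^/, '');
  return parseVersion(version)[0] === parseVersion(base)[0]
    && compareVersions(version, base) >= 0;
}

// Collect every resolved copy of node-gyp-build (top-level or nested, e.g.
// node_modules/utf-8-validate/node_modules/node-gyp-build) older than the fix.
function findStaleNodeGypBuild(lock, fixed = FIXED_VERSION) {
  const stale = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (!path.endsWith('node_modules/node-gyp-build') || !entry.version) continue;
    if (compareVersions(entry.version, fixed) < 0) stale.push({ path, version: entry.version });
  }
  return stale;
}

// Constructed lock fragment (hypothetical versions): utf-8-validate declares
// ^4.3.0, but the lock resolved 4.6.0, the newest copy on the private registry.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    'node_modules/utf-8-validate': { version: '6.0.4', dependencies: { 'node-gyp-build': '^4.3.0' } },
    'node_modules/node-gyp-build': { version: '4.6.0' },
  },
};
```

Running `findStaleNodeGypBuild` against a real lock file (JSON.parse of package-lock.json) lists every install path that still resolves a pre-4.8.1 copy, which is the case to fix by refreshing the lock or mirroring a newer version into the private registry.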
