djfdyuruiry / improved-yarn-audit Goto Github PK

View Code? Open in Web Editor NEW

45.0 45.0 13.0 401 KB

A wrapper around yarn audit that fixes many issues

License: MIT License

JavaScript 78.19% Shell 21.81%

improved-yarn-audit's People

Contributors

Stargazers

Watchers

Forkers

joelbiffin felixgourdeau benhodgson87 pi0 matthewquinn petewarman firefox0102 forgeglobal foxleigh81 rmaclean-ee mikkopori osvaldorino steven-visagie

improved-yarn-audit's Issues

SyntaxError: Unexpected end of JSON input

I keep getting this error when running yarn run improved-yarn-audit. It only started today, with the presence of this NPM advisory for the Lodash package: https://www.npmjs.com/advisories/1523.

Note that I have a .iyarc file to ignore this advisory. I get the same error regardless of this file's presence, though.

$ yarn run improved-yarn-audit
yarn run v1.22.4
$ /path/to/my/project/node_modules/.bin/improved-yarn-audit
Improved Yarn Audit - v2.2.1

Reading excluded advisories from .iyarc
Minimum severity level to report: low
Excluded Advisories: [1523]

Running yarn audit...

ERROR: Unable to parse yarn audit output: SyntaxError: Unexpected end of JSON input
Try running `yarn audit` for more info
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

I also tried running the command with the --min-severity moderate option appended to the end. When I do so, I do not get an error.

support same --json output as yarn audit

If this is aiming to be a drop in replacement it would be useful to also support the --json output feature of yarn audit

Support yarn 3

As yarn 3 adoption increases, it would be nice if we have support for yarn 3 audit: yarn npm audit

Ignore vulnerabilities in devDependencies

Hi,

I would like to ignore vulnerabilities in devDependencies as these dependencies are only used on the development machines. Is there any way to ignore all vulnerabilities in devDependencies? (or at least show them, but don't exit with an exit code > 0)

Same vulnerabilities reported several times

(Very nice package, much more useful in CI!)

The same vulnerability is reported, it seems, as many times as there are modules that depend on the vulnerable package:

Improved Yarn Audit - v2.3.3

Minimum severity level to report: low
Excluded Advisories: [1693,1695]

Running yarn audit...

Found 2 vulnerabilities

8 ignored because of advisory exclusions

Vulnerability Found:

  Severity: MODERATE
  Modules: browserslist, stylelint>autoprefixer>browserslist
  URL: https://npmjs.com/advisories/1747

Vulnerability Found:

  Severity: MODERATE
  Modules: browserslist, stylelint>autoprefixer>browserslist
  URL: https://npmjs.com/advisories/1747

Show package name in output

This is more of a request than an issue but it would be nice if the output showed the name of the package along with link to the relevant advisory.

e.x.

instead of:

Vulnerability Found: HIGH - https://npmjs.com/advisories/xxx

show:

Vulnerability Found: HIGH - package_name - https://npmjs.com/advisories/xxxx

Large number of exclusion findings causes OOM trying to run JSON.stringify

The following line:

logDebug(`Excluded audit advisories:\n${toJson(excludedAuditAdvisories)}\n`)

causes the audit to fail because the string is too large (it contains many copies of the same advisory). The simplest solution would be to just remove the logDebug statements from printAuditReport altogether. Alternatively, it could just log the distinct advisories. Also, tests are currently failing for me using the tip of master or I would probably offer to make a PR for this.

Improved Yarn Audit - v2.3.1

Reading excluded advisories from .iyarc
Minimum severity level to report: low
Excluded Advisories: [1556,1561]

Running yarn audit...

Audit failed due to an error: 

RangeError: Invalid string length
    at JSON.stringify (<anonymous>)
    at toJson (/Users/mdurling/Repos/lacuna/lacuna-core/node_modules/improved-yarn-audit/bin/improved-yarn-audit:457:15)
    at printAuditReport (/Users/mdurling/Repos/lacuna/lacuna-core/node_modules/improved-yarn-audit/bin/improved-yarn-audit:137:43)
    at runAuditReport (/Users/mdurling/Repos/lacuna/lacuna-core/node_modules/improved-yarn-audit/bin/improved-yarn-audit:418:3)
    at runMicrotasks (<anonymous>)
    at processTicksAndRejections (internal/process/task_queues.js:97:5)
    at async withTempDir (/Users/mdurling/Repos/lacuna/lacuna-core/node_modules/improved-yarn-audit/bin/improved-yarn-audit:436:10)
    at async main (/Users/mdurling/Repos/lacuna/lacuna-core/node_modules/improved-yarn-audit/bin/improved-yarn-audit:599:25)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
Command failed: /Users/mdurling/.yvm/versions/v1.20.0/bin/yarn.js improved-yarn-audit

"No such file or directory" for latest release

Hi,

I'm getting the following after upgrading to the latest version on Linux:

No such file or directory
error Command failed with exit code 127.

I also added a blank .iyarc file to see if this fixes it, but it's still showing the error. After downgrading to 2.2.1, the error goes away.

Cannot add an exclusion list for advisories with the GitHub URL

WARNING: One or more excluded audit advisories were missing from yarn audit output: 1693,1695

Probably as advisories now come from GitHub? https://github.com/advisories/GHSA-4943-9vgg-gr5r
But it doesn't allow me to use the GHSA identifier and neither the URL.

Is there a workaround to add these to an exclusion list?

Fail on unused "excluded" advisory

Hi,

would it be possible to add a new flag like "--fail-on-unused-excludes" which causes the command to fail (exit code 1) if there is an advisory excluded which no longer effects the current audit (e.g. the package in question was already updated)?

This could really help me clean-up "old" excluded advisories which no longer affect the current set of packages.

Allow excludes to be defined in an ignore file in place of an arg

Feature request rather than an issue:

Similar to how publish-please handles ignoring advisories, it would be nice if advisory codes to be excluded could also be listed in an ignore file (eg. .auditignore). This would be handy for version control, putting each ignore code onto it's own line, and would also allow for supplementing codes with commenting, or defining the ignore code as the full npm url (ie. https://npmjs.com/advisories/12) - making it easier to quickly track back to an issue.

Happy to look at putting forward a PR for this.

Temporarily supress advisory

Hi, I really like this tool for its ability to suppress advisories that can't be reasonably addressed at the moment. Given the issues usually get resolved sometime later, it would be great to have the ability to specify the expiration of ignoring advisories in the .iarc file (so we don't have to manually revisit them), perhaps by optionally passing the expiration ISO8601 timestamp next to the suppressed advisory, what do you think? There's perhaps some more sensible approach I didn't think of

Feature request: allow arbitrary paths to package.json

yarn run improved-yarn-audit --package-json some/path/package.json

Advisory IDs changed - exclusions broken

It seems that the advisory IDs have changed from a pure integer format to a string.

For example, https://www.npmjs.com/advisories/1751 now redirects to GHSA-ww39-953v-wcq6

But if I put GHSA-ww39-953v-wcq6 in my exclusions file, it won't get matched due to the regex on line 531 looking only for digits (I believe -- my regex skills are limited).

Looking forward to an updated version that will handle the string format (or some sort of workaround).

[Q] Is there a way to exclude private package?

I have a private npm packages being used on one of a project ?
When running the audit, i receive
{"type":"error","data":"An unexpected error occurred: \"Cannot create property on string '{}'\"."}

Is there a way to exclude a package?

// repo info
yarn: 1.22.19

uses .npmrc

ERROR: Unable to parse yarn audit output

yarn run improved-yarn-audit --min-severity high
yarn run v1.22.0
$ /~~~~~/node_modules/.bin/improved-yarn-audit --min-severity high
Minimum severity level to report: high

Running yarn audit...

ERROR: Unable to parse yarn audit output, raw output:
[{"type":"auditAdvisory","data":{"resolution":{"id":786,"path":"babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"1.8.5","paths":["babel-jest>babel-plugin-istanbul>test-exclude>micromatch>braces"]}],"id":786,"created":"2019-02-15T21:44:30.680Z","updated":"2019-04-02T18:18:29.356Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"link":"","name":"Santosh Rao"},"reported_by":{"link":"","name":"Santosh Rao"},"module_name":"braces","cves":[],"vulnerable_versions":"<2.3.1","patched_versions":">=2.3.1","overview":"Versions of `braces` prior to 2.3.1 are vulnerable to Regular Expression Denial of Service (ReDoS). Untrusted input may cause catastrophic backtracking while matching regular expressions. This can cause the application to be unresponsive leading to Denial of Service.","recommendation":"Upgrade to version 2.3.1 or higher.","references":"- [GitHub Commit](https://github.com/micromatch/braces/commit/abdafb0cae1e0c00f184abbadc692f4eaa98f451)","access":"public","severity":"low","cwe":"CWE-185","metadata":{"module_type":"","exploitability":4,"affected_components":""},"url":"https://npmjs.com/advisories/786"}}},{"type":"auditAdvisory","data":{"resolution":{"id":1488,"path":"jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"6.3.0","paths":["@vue/cli-plugin-babel>webpack>acorn","@vue/cli-plugin-eslint>webpack>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest-environment-jsdom-fifteen>jsdom>acorn-globals>acorn","eslint>espree>acorn","eslint-plugin-vue>vue-eslint-parser>espree>acorn","webpack>acorn","webpack-stream>webpack>acorn"]},{"version":"5.7.3","paths":["@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn","jsdom>acorn"]},{"version":"6.3.0","paths":["@vue/cli-service>webpack>acorn"]},{"version":"6.3.0","paths":["@vue/cli-service>webpack-bundle-analyzer>acorn"]},{"version":"5.7.3","paths":["gulp-sourcemaps>@gulp-sourcemaps/identity-map>acorn"]},{"version":"5.7.3","paths":["gulp-sourcemaps>acorn"]}],"id":1488,"created":"2020-03-02T19:21:25.485Z","updated":"2020-03-10T17:44:45.038Z","deleted":null,"title":"Regular Expression Denial of Service","found_by":{"link":"","name":"Peter van der Zee","email":""},"reported_by":{"link":"","name":"Peter van der Zee","email":""},"module_name":"acorn","cves":[],"vulnerable_versions":">=5.5.0 <5.7.4 || >=6.0.0 <6.4.1 || >=7.0.0 <7.1.1","patched_versions":">=5.7.4 <6.0.0 || >=6.4.1 <7.0.0 || >=7.1.1","overview":"Affected versions of `acorn` are vulnerable to Regular Expression Denial of Service. A regex in the form of `/[x-\\ud800]/u` causes the parser to enter an infinite loop. The string is not valid UTF16 which usually results in it being sanitized before reaching the parser. If an application processes untrusted input and passes it directly to `acorn`, attackers may leverage the vulnerability leading to Denial of Service.","recommendation":"Upgrade to versions 5.7.4, 6.4.1, 7.1.1 or later.","references":"","access":"public","severity":"moderate","cwe":"CWE-400","metadata":{"module_type":"","exploitability":3,"affected_components":""},"url":"https://npmjs.com/advisories/1488"}}},{"type":"auditAdvisory","data":{"resolution":{"id":1488,"path":"jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","dev":false,"optional":false,"bundled":false},"advisory":{"findings":[{"version":"6.3.0","paths":["@vue/cli-plugin-babel>webpack>acorn","@vue/cli-plugin-eslint>webpack>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-runner>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>@jest/core>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jest>jest-cli>jest-config>jest-environment-jsdom>jsdom>acorn-globals>acorn","jsdom>acorn-globals>acorn","@vue/cli-plugin-unit-jest>jest-environment-jsdom-fifteen>jsdom>acorn-globals>acorn","eslint>espree>acorn","eslint-plugin-vue>vue-eslint-parser>espree>acorn","webpack>acorn","webpack-stream>webpack>acorn"]},{"version":"5.7.3","paths":["@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>@jest/reporters>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runner>jest-jasmine2>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest-runner>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","@vue/cli-plugin-unit-jest>jest>jest-cli>@jest/core>jest-runtime>jest-config>jest-environment-jsdom>jsdom>acorn","jest>jest-cli>@jest/core>jest,<--- Last few GCs --->,,[9239:0x103b13000]    38315 ms: Mark-sweep 1396.8 (1455.7) -> 1396.8 (1455.7) MB, 80.8 / 0.0 ms  (average mu = 0.145, current mu = 0.006) allocation failure scavenge might not succeed,[9239:0x103b13000]    38391 ms: Mark-sweep 1396.8 (1455.7) -> 1396.8 (1455.7) MB, 75.7 / 0.0 ms  (average mu = 0.080, current mu = 0.002) allocation failure scavenge might not succeed,,,<--- JS stacktrace --->,,==== JS stack trace =========================================,,Security context: 0x204a8f21e6e9 <JSObject>,    0: builtin exit frame: stringify(this=0x204a66933ea9 <Object map = 0x204a05c8b9f1>,0x204aab6026f1 <undefined>,0x204aab6026f1 <undefined>,0x204a914371f9 <Object map = 0x204a05ce8e81>,0x204a66933ea9 <Object map = 0x204a05c8b9f1>),,    1: arguments adaptor frame: 1->3,    2: stringify [0x204ab655d591] [/usr/local/Cellar/yarn/1.22.0/libexec/lib/cli.js:~104818] [pc=0x2e288b7fbb7c](this=0x204acdf0...,,FATAL ERROR: Ineffective mark-compacts near heap limit Allocation failed - JavaScript heap out of memory, 1: 0x10096dd2e node::Abort() (.cold.1) [/usr/local/Cellar/node@10/10.19.0/bin/node], 2: 0x10003b906 node_module_register [/usr/local/Cellar/node@10/10.19.0/bin/node], 3: 0x10003bac7 node::OnFatalError(char const*, char const*) [/usr/local/Cellar/node@10/10.19.0/bin/node], 4: 0x100178fd3 v8::Utils::ReportOOMFailure(v8::internal::Isolate*, char const*, bool) [/usr/local/Cellar/node@10/10.19.0/bin/node], 5: 0x100178f75 v8::internal::V8::FatalProcessOutOfMemory(v8::internal::Isolate*, char const*, bool) [/usr/local/Cellar/node@10/10.19.0/bin/node], 6: 0x10042d4e8 v8::internal::Heap::UpdateSurvivalStatistics(int) [/usr/local/Cellar/node@10/10.19.0/bin/node], 7: 0x10042f125 v8::internal::Heap::CheckIneffectiveMarkCompact(unsigned long, double) [/usr/local/Cellar/node@10/10.19.0/bin/node], 8: 0x10042c7c2 v8::internal::Heap::PerformGarbageCollection(v8::internal::GarbageCollector, v8::GCCallbackFlags) [/usr/local/Cellar/node@10/10.19.0/bin/node], 9: 0x10042b5d3 v8::internal::Heap::CollectGarbage(v8::internal::AllocationSpace, v8::internal::GarbageCollectionReason, v8::GCCallbackFlags) [/usr/local/Cellar/node@10/10.19.0/bin/node],10: 0x100433bfa v8::internal::Heap::AllocateRawWithLigthRetry(int, v8::internal::AllocationSpace, v8::internal::AllocationAlignment) [/usr/local/Cellar/node@10/10.19.0/bin/node],11: 0x100433c44 v8::internal::Heap::AllocateRawWithRetryOrFail(int, v8::internal::AllocationSpace, v8::internal::AllocationAlignment) [/usr/local/Cellar/node@10/10.19.0/bin/node],12: 0x10041429b v8::internal::Factory::AllocateRawWithImmortalMap(int, v8::internal::PretenureFlag, v8::internal::Map*, v8::internal::AllocationAlignment) [/usr/local/Cellar/node@10/10.19.0/bin/node],13: 0x100415b43 v8::internal::Factory::NewRawOneByteString(int, v8::internal::PretenureFlag) [/usr/local/Cellar/node@10/10.19.0/bin/node],14: 0x100666d85 v8::internal::IncrementalStringBuilder::Extend() [/usr/local/Cellar/node@10/10.19.0/bin/node],15: 0x1004c38a7 v8::internal::JsonStringifier::SerializeString(v8::internal::Handle<v8::internal::String>) [/usr/local/Cellar/node@10/10.19.0/bin/node],16: 0x1004c4b92 v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<false>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],17: 0x1004c79b1 v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<true>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],18: 0x1004c5b74 v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<false>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],19: 0x1004c79b1 v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<true>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],20: 0x1004c7e8a v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<true>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],21: 0x1004c7e8a v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<true>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],22: 0x1004c5b74 v8::internal::JsonStringifier::Result v8::internal::JsonStringifier::Serialize_<false>(v8::internal::Handle<v8::internal::Object>, bool, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],23: 0x1004c22bd v8::internal::JsonStringifier::Stringify(v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>) [/usr/local/Cellar/node@10/10.19.0/bin/node],24: 0x100209915 v8::internal::Builtin_Impl_JsonStringify(v8::internal::BuiltinArguments, v8::internal::Isolate*) [/usr/local/Cellar/node@10/10.19.0/bin/node],25: 0x2e288b7dbf9d ,26: 0x2e288b78a5c3 ,27: 0x2e288b7fbb7c ]
error Command failed with exit code 1.

Any else info needed?

Can't run the command

I have a problem with execution of a main command
Send log:

C:\Users\***\frontend>yarn run improved-yarn-audit
yarn run v1.22.10
$ C:\Users\***\frontend\node_modules\.bin\improved-yarn-audit
Improved Yarn Audit - v2.3.3

Minimum severity level to report: low

Running yarn audit...

ERROR: Yarn audit error:
internal/modules/cjs/loader.js:888  throw err;  ^Error: Cannot find module 'C:\Users\╨Р╨╗╨╡╨║╤Б╨╡╨╣\AppData\Roaming\npm\node_modules\yarn\bin\yarn.js'    at Function.Module._
resolveFilename (internal/modules/cjs/loader.js:885:15)    at Function.Module._load (internal/modules/cjs/loader.js:730:27)    at Function.executeUserEntryPoint [as runMain]
(internal/modules/run_main.js:72:12)    at internal/main/run_main_module.js:17:47 {  code: 'MODULE_NOT_FOUND',  requireStack: []}
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

Node version: v14.17.0

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.