本地部署报错
Akimio521 opened this issue · 5 comments
Akimio521 commented
运行npm i提示
npm WARN deprecated rollup-plugin-terser@7.0.2: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-terser
npm WARN deprecated sourcemap-codec@1.4.8: Please use @jridgewell/sourcemap-codec instead
npm WARN deprecated rollup-plugin-replace@2.2.0: This module has moved and is now available at @rollup/plugin-replace. Please update your dependencies. This version is no longer maintained.
npm WARN deprecated rollup-plugin-node-resolve@5.2.0: This package has been deprecated and is no longer maintained. Please use @rollup/plugin-node-resolve.
added 160 packages, and audited 161 packages in 33s
20 packages are looking for funding
run `npm fund` for details
5 vulnerabilities (4 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
npm notice
npm notice New minor version of npm available! 9.5.1 -> 9.8.1
npm notice Changelog: https://github.com/npm/cli/releases/tag/v9.8.1
npm notice Run npm install -g npm@9.8.1 to update!
npm notice
再运行npm audit fix
up to date, audited 161 packages in 5s
20 packages are looking for funding
run `npm fund` for details
# npm audit report
lodash <=4.17.20
Severity: critical
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-x5rq-j2xg-h7qm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-4xc9-xhrj-v574
Prototype Pollution in lodash - https://github.com/advisories/GHSA-fvqr-27wr-82fm
Prototype Pollution in lodash - https://github.com/advisories/GHSA-p6mc-m468-83gw
Command Injection in lodash - https://github.com/advisories/GHSA-35jh-r3h4-6jhm
Regular Expression Denial of Service (ReDoS) in lodash - https://github.com/advisories/GHSA-29mw-wpgm-hmr9
Prototype Pollution in lodash - https://github.com/advisories/GHSA-jf85-cpcp-j695
No fix available
node_modules/lodash
scp2 >=0.1.0
Depends on vulnerable versions of lodash
Depends on vulnerable versions of ssh2
node_modules/scp2
marked <=4.0.9
Severity: high
Inefficient Regular Expression Complexity in marked - https://github.com/advisories/GHSA-5v2h-r2cx-5xgj
Inefficient Regular Expression Complexity in marked - https://github.com/advisories/GHSA-rrrm-qjm4-v8hf
Regular Expression Denial of Service (REDoS) in Marked - https://github.com/advisories/GHSA-4r62-v4vq-hr96
No fix available
node_modules/marked
rollup-plugin-md *
Depends on vulnerable versions of marked
node_modules/rollup-plugin-md
ssh2 <1.4.0
Severity: high
OS Command Injection in ssh2 - https://github.com/advisories/GHSA-652h-xwhf-q4h6
fix available via `npm audit fix`
node_modules/scp2/node_modules/ssh2
5 vulnerabilities (4 high, 1 critical)
To address issues that do not require attention, run:
npm audit fix
Some issues need review, and may require choosing
a different dependency.
运行npm run build提示错误
src/components/PlayListCover.svelte
38: </script>
39:
40: <div class="cover" on:click={goToDetail} bind:this={coverDom}>
^
41: <div class="cover-img">
42: <Lazy height={220}>
[!] Error: Unexpected token (Note that you need @rollup/plugin-json to import JSON files)
请大佬指点
Akimio521 commented
参考 #9 试试。
试了一下,npm run dev本地部署成功了,但是npm run build会报错。html和build文件夹下的html也没办法直接打开,本来还想在Vercel部署
dufu1991 commented
给个思路吧,保留src,把 Rollup 换成 Vite。
Vite 包含了全套工具,应该就没问题了。搞好也是自己学习的过程。
Akimio521 commented
感谢大佬指点,我在试试吧,刚开始玩这种,不太了解
dufu1991 commented
_ html和build文件夹下的html也没办法直接打开_
build 出来的文件是不能直接打开的,你得起一个 web 服务啊,不管是本地还是服务器。