无法在 gatsby 站点中安装和配置 MDX 转换器插件(和依赖项)
[英]Unable to Install and configure the MDX transformer plugin (and dependencies) in gatsby site
问题描述
Goal: Trying to create a simple blog using Gatsby
目标:尝试使用 Gatsby 创建一个简单的博客Outcomes:
结果:- Expected Outcome: Things should go as defined in the tutorial guide预期结果:事情应该按照教程指南中的定义进行
- Actual Outcome: Getting Dependency tree error in step(s) & Also a warning message like
34 vulnerabilities (11 moderate, 23 high)whenever installing something using npm in this project实际结果:在此项目中使用 npm 安装某些东西时,在步骤中出现依赖关系树错误以及警告消息,如34 vulnerabilities (11 moderate, 23 high)
- Expected Outcome: Things should go as defined in the tutorial guide
Approach: I am following the guide available here , & in Task install MDX transform plugin , getting the below error
方法:我遵循此处提供的指南,并在任务安装 MDX 转换插件中,得到以下错误
Questions:问题:
- How do i resolve this particular dependency tree issue & Also in general how do i approach this kind(dependency tree issue) of errors in npm?我如何解决这个特定的依赖树问题以及一般来说我如何处理 npm 中的这种(依赖树问题)错误?
- The warnings related to the vulnerable packages - How critical are those & How should it be handled ?与易受攻击的软件包相关的警告 - 这些警告有多重要以及应该如何处理?
Command-used: npm install gatsby-plugin-mdx @mdx-js/mdx@v1 @mdx-js/react@v1
Output/Console Error:
npm ERR! code ERESOLVE
npm ERR! ERESOLVE unable to resolve dependency tree
npm ERR!
npm ERR! While resolving: my-gatsby-site@1.0.0
npm ERR! Found: react@18.2.0
npm ERR! node_modules/react
npm ERR! react@"^18.1.0" from the root project
npm ERR! peer react@"^16.9.0 || ^17.0.0 || ^18.0.0" from gatsby-plugin-mdx@3.18.0
npm ERR! node_modules/gatsby-plugin-mdx
npm ERR! gatsby-plugin-mdx@"*" from the root project
npm ERR!
npm ERR! Could not resolve dependency:
npm ERR! peer react@"^16.13.1 || ^17.0.0" from @mdx-js/react@1.6.22
npm ERR! node_modules/@mdx-js/react
npm ERR! @mdx-js/react@"v1" from the root project
npm ERR! peer @mdx-js/react@"^1.0.0" from gatsby-plugin-mdx@3.18.0
npm ERR! node_modules/gatsby-plugin-mdx
npm ERR! gatsby-plugin-mdx@"*" from the root project
npm ERR!
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR!
npm ERR! See <home-folder>/.npm/eresolve-report.txt for a full report.
npm ERR! A complete log of this run can be found in:
npm ERR! <home-folder>/.npm/_logs/2022-07-06T15_46_56_149Z-debug-0.log
Updates:更新:
Update 1:更新1:
After trying one of the suggestion given by the fellow stack-overflow site member, a new error is thrown!在尝试了其他堆栈溢出站点成员给出的建议之一后,抛出了一个新错误! So ignoring the dependency tree issue with skip legacy tree is not working, Hence any more suggestion from any gatsby users!?所以忽略跳过遗留树的依赖树问题是行不通的,因此任何 gatsby 用户的更多建议!?
gatsby develop
ERROR #11901 COMPILATION
Failed to compile Gatsby files (Error):
Could not resolve module "@parcel/namer-default" from
"<home-folder>/codeSpace/siteByGatsby/sv3/my-gatsby-site/node\_modules/@gatsbyjs/parcel-namer-relative-to-cwd/lib/index.js".
not finished compile gatsby files - 0.778s
1 个解决方案
解决方案1
2 2022-07-06 19:28:38
Not that "you should" normally do what i am about to suggest, but you can run:并不是说“你应该”通常做我要建议的事情,但你可以运行:
npm install gatsby-plugin-mdx @mdx-js/mdx@v1 @mdx-js/react@v1 --legacy-peer-deps
Basically what this will do is tell npm that you wish to install peer dependencies, the reason this happens is because you are using React@18.2 in your project, but the packages you are trying to install are using a lower version of React.基本上,这将告诉 npm 你希望安装对等依赖项,发生这种情况的原因是因为你在项目中使用了 React@18.2,但你尝试安装的包使用的是较低版本的 React。 Thus, NPM is throwing you this error.因此,NPM 会抛出这个错误。
The reason why "you shouldn't" normally do this, is imagine theres a dependancy within a package that is flagged as vunerable, but you currently have a 'fixed' version of this installed. “你不应该”通常这样做的原因是想象在一个被标记为 vunerable 的包中存在依赖关系,但你目前安装了这个的“固定”版本。 You would then be installing the peer dependency that could have a vulenarbility.然后,您将安装可能具有漏洞的对等依赖项。
You can run the above code and be 'alright', its not a big deal that it is wanting to install lesser version of React.你可以运行上面的代码并且“没问题”,它想要安装较低版本的 React 并不是什么大不了的事。
But what you should also think about, is do you really need React@18.2, or could you use a downgraded version because, how likely are you to use any of the features that might be in the latest version release.但是您还应该考虑的是,您真的需要 React@18.2,还是您可以使用降级版本,因为您使用最新版本中的任何功能的可能性有多大。
This is also a reason why a lot of developers don't just go and install the newest version of React when they are building projects, because you have to rely on packages that are maintained by either solo developers, or by a community of lovely people who are willing to help maintain a package to bring it up to speed with Reacts latest releases.这也是为什么许多开发人员在构建项目时不只是去安装最新版本的 React 的原因,因为您必须依赖由单独开发人员或由可爱的人社区维护的包谁愿意帮助维护一个包以使其与 Reacts 最新版本保持同步。
These are pretty much the main three things you can do:这些几乎是您可以做的主要三件事:
- You either install the legacy dependencies您要么安装旧的依赖项
- You knock React down a version peg that is inline with the version required in the dependency tree for the packages you are looking to use你敲下一个版本挂钩,它与你要使用的包的依赖树中所需的版本内联
- You find another package, or you take a look on their Github incase they have released a version, but not yet published this release to NPMjs yet你找到另一个包,或者你看看他们的 Github 以防他们发布了一个版本,但还没有将这个版本发布到 NPMjs
Hope this helps :)希望这可以帮助 :)
Sidenote:边注:
When migrating this project to a hosting provider, you will also need to tell them that you have packages that you have force installed with --legacy-peer-deps by either creating an environment variable for the site on the hosting providers platform, or with .npmrc file with the following:将此项目迁移到托管服务提供商时,您还需要通过在托管服务提供商平台上为站点创建环境变量或使用--legacy-peer-deps来告诉他们您有强制安装的包.npmrc文件包含以下内容:
legacy-peer-deps=true
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.