how to fix npm audit error with loadVirtual and ENOLOCK?

Question

➜   npm audit
npm ERR! code ENOLOCK
npm ERR! audit This command requires an existing lockfile.
npm ERR! audit Try creating one first with: npm i --package-lock-only
npm ERR! audit Original error: loadVirtual requires existing shrinkwrap file

I ran npm audit and got this error.

When I run below:

➜ npm config get package-lock
true

➜ npm config get shrinkwrap
true

Can anybody help with this? as to how to fix it? and npm audit fix --force is not working as well...

Answer 1

I just ran the command it says to.

npm i --package-lock-only

Then it showed me 0 vulnerabilities. Anyway, ran again and again 0 vulnerabilities.并再次运行 0 个漏洞。

Answer 2

works for me like this:

npm cache clean --force

npm fund

npm audit fix --force

Answer 3

That error tells you the root of the problem: This command requires an existing lockfile. . This implies that you don't already have a package-lock.json along side the package.json you're trying to audit. npm i --package-lock-only just generates/updates package-lock.json without reinstalling; npm i would reinstall and generate one (based on your config).

Answer 4

You need to create package-lock.json, run

npm install

then

npm audit fix

you won't have the problem

Answer 5

I updated to the latest version of npm with npm install -g npm@8.3.0 , and now it shows no more problems...

Answer 6

Try running these:

npm i --package-lock-only
npm config get package-lock
npm config get shrinkwrap
npm i --package-lock-only
npm audit fix

From here .

Answer 7

Try these command.

npm i --package-lock-only
npm config get package-lock
npm config get shrinkwrap
npm i --package-lock-only
npm audit fix

Answer 8

Use Node 14, it fixed the issue with 0 vulnerabilities.

Answer 9

I read this and really helpful:

https://medium.com/illumination/how-to-fix-npm-audit-error-with-loadvirtual-and-enolock-deprecated-dependencies-1f07ba65eef9

npm i --package-lock-only npm config get package-lock npm config get shrinkwrap npm i --package-lock-only npm audit fix

(When running 'npm config get package-lock' and 'npm config get shrinkwrap', you will receive 'true' for both) — → After running 'npm audit fix', you will see: “up to date, audited… found 0 vulnerabilities”

Answer 10

The problem is because you need a package.json and package-lock.json file running these commands will fix it for you.

npm init -y

npm i --package-lock-only

npm audit

This fixes the problem

Answer 11

Had the same error, then realized I was in a parent folder. So this may happen if there's no lock file.

Answer 12

Try running this command: npm cache clean --force