The latest version create-react-app
is 4.0.3
but when I run npx create-react-app my-app
it uses version 1.5.2 and also doesn't run with templates. I don't have any global installation of it and have tried uninstalling it using npm uninstall -g create-react-app
.
My npm version is 7.21.1 and node version is 16.9.1
How can I make it work? Please help.
EDIT: There are 58 vulnerabilities while creating the app and this comes at the end -
A template was not provided. This is likely because you're using an outdated version of create-react-app.
Please note that global installs of create-react-app are no longer supported.
You can fix this by running npm uninstall -g create-react-app or yarn global remove create-react-app before using create-react-app again.
The folder also doesn't have the src
folder just the node_modules
folder and package.json
file.
While running npm audit fix
I get this -
tar <=4.4.17
Severity: high
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization - https://github.com/advisories/GHSA-5955-9wpr-37jh
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links - https://github.com/advisories/GHSA-9r2w-394v-53qc
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization - https://github.com/advisories/GHSA-3jfq-g458-7qm9
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning - https://github.com/advisories/GHSA-r628-mhmh-qjhw
fix available via `npm audit fix`
node_modules/tar
tar-pack *
Depends on vulnerable versions of tar
node_modules/tar-pack
create-react-app >=1.3.0-alpha.58689133
Depends on vulnerable versions of tar-pack
node_modules/create-react-app
3 high severity vulnerabilities
Short version:
npx clear-npx-cache
Temporary solution:
npx create-react-app@latest my-app
Now for the explanation. I think npx is running an old version of create-react-app on your computer. The first time you do npx create-react-app
, the package is installed in the cache. npx does not check for newer versions if the package is cached. You can sidestep this issue by adding @latest. This forces npx to fetch the package even if it is cached.
A better solution is to clear the cache. There are other guides about how to find and remove the cache folder on windows and macos. The package clear-npx-cache
does this.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.