Get a problem with node-rolling-spider module...

Hi everyone, I get a problem to make working the module node-rolling-spider and the basic script gived in exemple, I also get some vunerabilities in the dependencies it cannot be fix by the npm audit fix command. I add screenshot of my node.js commend prompt. Please advice me if i make some errors initializing my project or my node.js, i’m a novice!

Your environment has been set up for using Node.js 8.12.0 (x64) and npm.

C:\Users\gregi>cd projet1

C:\Users\gregi\projet1>npm ls
C:\Users\gregi\projet1
-- (empty)<br><br><br>C:\Users\gregi\projet1&gt;npm init --yes*<br>This utility will walk you through creating a package.json file.<br>It only covers the most common items, and tries to guess sensible defaults.<br><br>See npm help jsonfor definitive documentation on these fields<br>and exactly what they do.<br><br>Usenpm install <pkg> afterwards to install a package and<br>save it as a dependency in the package.json file.<br><br>Press ^C at any time to quit.<br>package name: (projet1) npm WARN init canceled<br><br>C:\Users\gregi\projet1&gt;<br><br>C:\Users\gregi\projet1&gt;npm init --yes<br>Wrote to C:\Users\gregi\projet1\package.json:<br><br>{<br>"name": "projet1",<br>"version": "1.0.0",<br>"description": "",<br>"main": "index.js",<br>"scripts": {<br>"test": "echo \"Error: no test specified\" &amp;&amp; exit 1"<br>},<br>"keywords": [],<br>"author": "",<br>"license": "ISC"<br>}<br><br><br><br>C:\Users\gregi\projet1&gt;npm install node-gyp<br>npm notice created a lockfile as package-lock.json. You should commit this file.<br>npm WARN projet1@1.0.0 No description<br>npm WARN projet1@1.0.0 No repository field.<br><br>+ node-gyp@3.8.0<br>added 97 packages from 66 contributors and audited 182 packages in 5.862s<br>found 0 vulnerabilities<br><br><br>C:\Users\gregi\projet1&gt;npm ls<br>projet1@1.0.0 C:\Users\gregi\projet1<br>– node-gyp@3.8.0
±- fstream@1.0.11
| ±- graceful-fs@4.1.11 deduped
| ±- inherits@2.0.3
| ±- mkdirp@0.5.1 deduped
| -- rimraf@2.6.2 deduped<br>+-- glob@7.1.3<br>| +-- fs.realpath@1.0.0<br>| +-- inflight@1.0.6<br>| | +-- once@1.4.0 deduped<br>| | – wrappy@1.0.2
| ±- inherits@2.0.3 deduped
| ±- minimatch@3.0.4
| | -- brace-expansion@1.1.11<br>| | +-- balanced-match@1.0.0<br>| | – concat-map@0.0.1
| ±- once@1.4.0
| | -- wrappy@1.0.2 deduped<br>| – path-is-absolute@1.0.1
±- graceful-fs@4.1.11
±- mkdirp@0.5.1
| -- minimist@0.0.8<br>+-- nopt@3.0.6<br>| – abbrev@1.1.1
±- npmlog@4.1.2
| ±- are-we-there-yet@1.1.5
| | ±- delegates@1.0.0
| | -- readable-stream@2.3.6<br>| | +-- core-util-is@1.0.2<br>| | +-- inherits@2.0.3 deduped<br>| | +-- isarray@1.0.0<br>| | +-- process-nextick-args@2.0.0<br>| | +-- safe-buffer@5.1.2 deduped<br>| | +-- string_decoder@1.1.1<br>| | | – safe-buffer@5.1.2 deduped
| | -- util-deprecate@1.0.2<br>| +-- console-control-strings@1.1.0<br>| +-- gauge@2.7.4<br>| | +-- aproba@1.2.0<br>| | +-- console-control-strings@1.1.0 deduped<br>| | +-- has-unicode@2.0.1<br>| | +-- object-assign@4.1.1<br>| | +-- signal-exit@3.0.2<br>| | +-- string-width@1.0.2<br>| | | +-- code-point-at@1.1.0<br>| | | +-- is-fullwidth-code-point@1.0.0<br>| | | | – number-is-nan@1.0.1
| | | -- strip-ansi@3.0.1 deduped<br>| | +-- strip-ansi@3.0.1<br>| | | – ansi-regex@2.1.1
| | -- wide-align@1.1.3<br>| | – string-width@1.0.2 deduped
| -- set-blocking@2.0.0<br>+-- osenv@0.1.5<br>| +-- os-homedir@1.0.2<br>| – os-tmpdir@1.0.2
±- request@2.88.0
| ±- aws-sign2@0.7.0
| ±- aws4@1.8.0
| ±- caseless@0.12.0
| ±- combined-stream@1.0.7
| | -- delayed-stream@1.0.0<br>| +-- extend@3.0.2<br>| +-- forever-agent@0.6.1<br>| +-- form-data@2.3.2<br>| | +-- asynckit@0.4.0<br>| | +-- combined-stream@1.0.6<br>| | | – delayed-stream@1.0.0 deduped
| | -- mime-types@2.1.20 deduped<br>| +-- har-validator@5.1.0<br>| | +-- ajv@5.5.2<br>| | | +-- co@4.6.0<br>| | | +-- fast-deep-equal@1.1.0<br>| | | +-- fast-json-stable-stringify@2.0.0<br>| | | – json-schema-traverse@0.3.1
| | -- har-schema@2.0.0<br>| +-- http-signature@1.2.0<br>| | +-- assert-plus@1.0.0<br>| | +-- jsprim@1.4.1<br>| | | +-- assert-plus@1.0.0 deduped<br>| | | +-- extsprintf@1.3.0<br>| | | +-- json-schema@0.2.3<br>| | | – verror@1.10.0
| | | ±- assert-plus@1.0.0 deduped
| | | ±- core-util-is@1.0.2 deduped
| | | -- extsprintf@1.3.0 deduped<br>| | – sshpk@1.14.2
| | ±- asn1@0.2.4
| | | -- safer-buffer@2.1.2 deduped<br>| | +-- assert-plus@1.0.0 deduped<br>| | +-- bcrypt-pbkdf@1.0.2<br>| | | – tweetnacl@0.14.5 deduped
| | ±- dashdash@1.14.1
| | | -- assert-plus@1.0.0 deduped<br>| | +-- ecc-jsbn@0.1.2<br>| | | +-- jsbn@0.1.1 deduped<br>| | | – safer-buffer@2.1.2 deduped
| | ±- getpass@0.1.7
| | | -- assert-plus@1.0.0 deduped<br>| | +-- jsbn@0.1.1<br>| | +-- safer-buffer@2.1.2<br>| | – tweetnacl@0.14.5
| ±- is-typedarray@1.0.0
| ±- isstream@0.1.2
| ±- json-stringify-safe@5.0.1
| ±- mime-types@2.1.20
| | -- mime-db@1.36.0<br>| +-- oauth-sign@0.9.0<br>| +-- performance-now@2.1.0<br>| +-- qs@6.5.2<br>| +-- safe-buffer@5.1.2<br>| +-- tough-cookie@2.4.3<br>| | +-- psl@1.1.29<br>| | – punycode@1.4.1
| ±- tunnel-agent@0.6.0
| | -- safe-buffer@5.1.2 deduped<br>| – uuid@3.3.2
±- rimraf@2.6.2
| -- glob@7.1.3 deduped<br>+-- semver@5.3.0<br>+-- tar@2.2.1<br>| +-- block-stream@0.0.9<br>| | – inherits@2.0.3 deduped
| ±- fstream@1.0.11 deduped
| -- inherits@2.0.3 deduped<br>– which@1.3.1
-- isexe@2.0.0<br><br><br>C:\Users\gregi\projet1&gt;npm i rolling-spider<br><br>&gt; usb@1.3.3 install C:\Users\gregi\projet1\node_modules\usb<br>&gt; node-pre-gyp install --fallback-to-build<br><br>node-pre-gyp WARN Using request for node-pre-gyp https download<br>[usb] Success: "C:\Users\gregi\projet1\node_modules\usb\src\binding\usb_bindings.node" is installed via remote<br><br>&gt; bluetooth-hci-socket@0.5.1 install C:\Users\gregi\projet1\node_modules\bluetooth-hci-socket<br>&gt; node-gyp rebuild<br><br><br>C:\Users\gregi\projet1\node_modules\bluetooth-hci-socket&gt;if not defined npm_config_node_gyp (node "C:\Program Files\nodejs\node_modules\npm\node_modules\npm-lifecycle\node-gyp-bin\\..\..\node_modules\node-gyp\bin\node-gyp.js" rebuild ) else (node "C:\Program Files\nodejs\node_modules\npm\node_modules\node-gyp\bin\node-gyp.js" rebuild )<br>Les projets sont générés individuellement dans cette solution. Pour activer la génération en parallèle, ajoutez le commutateur "/m".<br>win_delay_load_hook.cc<br>GÚnÚration de code en cours<br>Fin de la gÚnÚration du code<br>binding.vcxproj -&gt; C:\Users\gregi\projet1\node_modules\bluetooth-hci-socket\build\Release\\binding.node<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: logitech-dual-action-controller@git+<a href="https://github.com/voodootikigod/node-logitech-dual-action-controller.git" target="_blank">https://github.com/voodootikigod/node-logitech-dual-action-controller.git</a> (node_modules\rolling-spider\node_modules\logitech-dual-action-controller):<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: Error while executing:<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: undefined ls-remote -h -t <a href="https://github.com/voodootikigod/node-logitech-dual-action-controller.git" target="_blank">https://github.com/voodootikigod/node-logitech-dual-action-controller.git</a><br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY:<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: undefined<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: No git binary found in $PATH<br>npm WARN projet1@1.0.0 No description<br>npm WARN projet1@1.0.0 No repository field.<br>npm WARN optional SKIPPING OPTIONAL DEPENDENCY: xpc-connection@0.1.4 (node_modules\xpc-connection):<br>npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for xpc-connection@0.1.4: wanted {"os":"darwin","arch":"any"} (current: {"os":"win32","arch":"x64"})<br><br>+ rolling-spider@1.7.0<br>added 32 packages from 36 contributors and audited 294 packages in 9.398s<br>found 2 low severity vulnerabilities<br>run npm audit fixto fix them, ornpm audit` for details

C:\Users\gregi\projet1>npm audit

=== npm audit security report ===


Manual Review
Some vulnerabilities require your attention to resolve

Visit https://go.npm.me/audit-guide for additional guidance


Low Regular Expression Denial of Service

Package debug

Patched in >= 2.6.9 < 3.0.0 || >= 3.1.0

Dependency of rolling-spider

Path rolling-spider > noble > debug

More info https://nodesecurity.io/advisories/534


Low Prototype Pollution

Package lodash

Patched in >=4.17.5

Dependency of rolling-spider

Path rolling-spider > lodash

More info https://nodesecurity.io/advisories/577

found 2 low severity vulnerabilities in 294 scanned packages
2 vulnerabilities require manual review. See the full report for details.

C:\Users\gregi\projet1>node stdprog.js
module.js:550
throw err;
^

Error: Cannot find module 'temporal’
at Function.Module._resolveFilename (module.js:548:15)
at Function.Module._load (module.js:475:25)
at Module.require (module.js:597:17)
at require (internal/module.js:11:18)
at Object.<anonymous> (C:\Users\gregi\projet1\stdprog.js:2:16)
at Module._compile (module.js:653:30)
at Object.Module._extensions…js (module.js:664:10)
at Module.load (module.js:566:32)
at tryModuleLoad (module.js:506:12)
at Function.Module._load (module.js:498:3)

C:\Users\gregi\projet1>

Thanks for helping me !

I am not a JS specialist, but the two following links seems relevant :

The solution I can infer from these two links is to run npm install multiple times, until it works (see the second link for the rational behind that).

Another piece of data : temporal seems to be a built-in not yet in the standard, so maybe it is a mismatch between the javascript version and the library version.

1 Like

Thanks a lot for help, now working ! Just need stability inprovement…