Skip to content
This repository has been archived by the owner. It is now read-only.

found 1 low severity vulnerability ... error #2585

Closed
atifsari opened this issue Oct 9, 2018 · 12 comments
Closed

found 1 low severity vulnerability ... error #2585

atifsari opened this issue Oct 9, 2018 · 12 comments
Labels

Comments

@atifsari
Copy link

@atifsari atifsari commented Oct 9, 2018

Note: this is the technical bug tracker, please use other platforms for getting support and starting a (non technical) discussion. See the getting help page for details.
I just installed gekko on c:\ at the end I get this message error "node-pre-gyp WARN Using request for node-pre-gyp https download
[sqlite3] Success: "C:\gekko-develop\node_modules\sqlite3\lib\binding\node-v57-win32-x64\node_sqlite3.node" is installed via remote
added 213 packages from 175 contributors and audited 520 packages in 30.892s
found 1 low severity vulnerability
run npm audit fix to fix them, or npm audit for details"

I'm submitting a ...
[ ] bug report
[ ] question about the decisions made in the repository

Action taken (what you did)

I run npm audit fix to fix them
Expected result (what you hoped would happen)
gave me another message " npm audit fix --force" and I follow it

Actual result (unexpected outcome)
gave me this last message :

npm WARN using --force I sure hope you know what you are doing.

  • lodash@4.17.11
    updated 1 package in 2.225s
    fixed 1 of 1 vulnerability in 520 scanned packages
    1 package update for 1 vuln involved breaking changes
    (installed due to --force option)

I tried to reinstall it in different locations ... still, I get no combo box on the config page

Other information (e.g. detailed explanation, stacktraces, related issues, suggestions how to fix, links for us to have context, eg. stackoverflow, etc)

@askmike
Copy link
Owner

@askmike askmike commented Oct 10, 2018

I run npm audit fix to fix them

Don't do this! The problem is that a part of a library used everywhere in Gekko (called Lodash) had a security issue (in a function Gekko does not use, as such there is no security issue when running Gekko). I'm in the process of updating the complete the usage in this lib in the complete gekko codebase so this message won't show. But that's not done yet.

@atifsari
Copy link
Author

@atifsari atifsari commented Oct 11, 2018

Thank you ... I solve it by using bash on windows.

@gekkocu
Copy link

@gekkocu gekkocu commented Oct 29, 2018

hello, i have no skill about coding ,and i installed helping internet video and installed gekko but there was visible only 2 exchange poloniex and bitfinex thats way i searched another tutorial about installing but now gekko broken , and i guess if i reinstall it i think it can work again , how to uninstall it ? could you help me please ? thanks

@Lucky21110
Copy link

@Lucky21110 Lucky21110 commented Nov 12, 2018

Thank you ... I solve it by using bash on windows.

Hello,
How did you solve it ? Can you explain a bit ?

I tried multiple things but all combox box are still empty.

Regards

@AdrianoImperador
Copy link

@AdrianoImperador AdrianoImperador commented Dec 23, 2018

how did you guys solved this issue? just ignoring the vulnerability and proceeding with the broker's dependencies installation?
i m installing gekko on windows

@userbox020
Copy link

@userbox020 userbox020 commented Jan 27, 2019

Hello,
In this step
cd exchange
npm install --only=production
cd ..

I get this error, I attach the picture

It would be nice if someone can help me.

I already installed
python-3.7.2-amd64.exe
BuildTools_Full.exe (I found it on microsoft webpage as VC++ 2015 build tool, dunno if is the right one)

1

Also, Im working with metatrader and I have a collections of bots for trading that I can share.

@MartijnvanGoor
Copy link

@MartijnvanGoor MartijnvanGoor commented Feb 18, 2019

Hey Leon,

I hope you rsolved the issue. I looked over it and I'm not sure if I can be of any help. :(

I was ondering what your expirience is with Metatrader and which bots it is you use !

Would you care to share them with me (us) ? That would be great.

Thanx in advance... Greetz 020-Martijn

@userbox020
Copy link

@userbox020 userbox020 commented Feb 20, 2019

@stale
Copy link

@stale stale bot commented Apr 21, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. If you feel this is very a important issue please reach out the maintainer of this project directly via e-mail: gekko at mvr dot me.

@stale stale bot added the wontfix label Apr 21, 2019
@stale stale bot closed this Apr 28, 2019
@hashem1671
Copy link

@hashem1671 hashem1671 commented May 31, 2019

Hi, I'm at the beginning of the installation of Gekko. Can you help me know the steps involved in installing Gekko dependencies? Thanks

@technocoin
Copy link

@technocoin technocoin commented Jul 14, 2019

Hi guys.
I was with the same problem, because I was all the time fixing the error msg's... Forget that!!

Just follow all steps of the installation and ignore all error msg's and that is it...

Working properly.

Thanks

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
10 participants