Circleci keeps failing with this error
ECONFLICT Unable to find suitable version for angular
These are my dependencies in bower.json
"dependencies": {
"angular": "1.4.7",
"angular-animate": "1.4.7",
"angular-credit-cards": "2.3.5",
"angular-local-storage": "0.2.2",
"angular-messages": "1.4.7",
"angular-sanitize": "1.4.7",
"angular-translate": "2.7.2",
"angular-ui-router": "0.2.15",
"bluebird": "2.9.34",
"bourbon": "4.2.6",
"immutable": "3.7.5",
"neat": "1.7.2",
"normalize-scss": "3.0.3",
"ramda": "0.16.0",
"rxjs": "2.5.2",
"system.js": "0.19.6",
"angular-markdown-directive": "0.3.1",
"angularjs-geolocation": "0.1.1",
"angulartics": "0.20.2",
"angulartics-google-analytics": "0.1.2",
"angulartics-facebook-pixel": "0.1.0"
},
"resolutions": {
"angular": "1.4.7"
}
I tried running it locally and it works fine, not sure what's the problem. Any help would be appreciated
add
"ignoredDependencies": ["angular"]
to your bower.cc file and it will ignore the dependancy (but you must be sure yourself that the package works with your version of angular).
Related
We have a web application on AngularJS 1.x which is creating issues with dependencies -> dependent library to raven scan vulnerabilities.
Package.json:
{
"name": "Test",
"dependencies": {
"angular": "1.6.9",
"angular-animate": "1.6.6",
"angular-aria": "1.6.9",
"angular-material": "1.1.9",
"angular-messages": "1.6.9",
"angular-route": "1.6.9",
"angular-touch": "1.6.9",
"angular-ui-router": "0.3.2",
"angular-smart-table": "2.1.8",
"angular-ui-bootstrap": "1.3.3",
"angular-ui-grid": "4.8.3",
"angular-ui-select": "0.12.10",
"uuid": "^3.3.2",
"bootstrap": "3.3.7",
"requirejs": "2.3.6",
"jquery": "3.3.1",
"grunt-cli": "1.3.2",
"grunt": "1.3.0",
"grunt-contrib-uglify": "4.0.1",
"grunt-contrib-jshint": "2.1.0",
"grunt-contrib-requirejs": "1.0.0",
"grunt-contrib-clean": "1.1.0",
"grunt-contrib-copy": "1.0.0",
"grunt-contrib-cssmin": "2.2.1",
"grunt-contrib-concat": "1.0.1",
"grunt-processhtml": "0.4.2",
"grunt-front-end-modules": "1.1.0",
"grunt-karma": "3.0.0",
"underscore": "1.8.3",
"d3": "3.5.17",
"nvd3": "1.8.1",
"angular-file-saver": "1.1.3",
"smart-area": "2.0.0",
"csv-js": "1.0.0",
"pdfmake": "0.1.36",
"file-saver": "1.3.2",
"font-awesome": "4.7.0",
"angular-file-upload": "2.5.0"
}
}
Package-lock.json
...
"htmlprocessor": {
"version": "0.2.6",
"resolved": "https://fakepath",
"integrity": "sha1",
"requires": {
"lodash": "~2.4.1"
},
"dependencies": {
"lodash": {
**"version": "2.4.2",**
"resolved": "https://fakepath",
"integrity": "sha1"
}
}
},
...
For example above - lodash needs to be updated to 4.17.20 of min to fix the vulnerability.
Do i add lodash to be a devDependency or update the package-lock.json manually ?
Note- package-lock.json is not pushed as part of source control but i am studying online that it should be
We're working off security vulnerabilities in our apps as well and have had a similar problem. There is no good answer:
Sure, you can edit your package-lock.json file by hand but that's just cheating around the issue. It won't somehow get rid of the vulnerability that lodash is bringing in because NPM will keep pulling down that version. You would be better off asking for a waiver for this security finding than trying to hide it.
Why is it pulling down that version? One of your devDependencies has a dependency on htmlprocessor. That processor lib specifically calls out the use of that version of lodash. You could submit a merge request to that library to get it updated to a newer version of lodash but it doesn't look like it's maintained anymore.
Adding a newer version of lodash as a devDependency will just mean you now depend on two versions of lodash. It won't fix anything.
This is both the blessing and curse of using NPM. Easy access to tons of libraries... but there are many no-longer-maintained libraries that get pulled in that are chock full of security issues.
I am a beginner in AngularJs & while I am trying to install Angular Material Icon using bower, I am getting ENOTFOUND Package save not found Error.
I am using this command
bower install save angular-material-icons
These are my dependencies
"dependencies": {
"angular": "~1.5.8",
"angular-animate": "~1.5.8",
"angular-messages": "~1.5.8",
"angular-touch": "~1.5.8",
"angular-aria": "~1.5.8",
"angular-resource": "~1.5.8",
"angular-material": "^1.1.1",
"moment": "~2.10.6",
"angular-sanitize": "~1.5.8",
"angular-ui-router": "^0.3.1",
"material-design-icons-iconfont": "^3.0.0",
"google-open-sans": "^1.0.0",
"angular-route": "1.5.8",
"ngstorage": "^0.3.11",
"smDateTimeRangePicker": "^1.6.1",
"ng-intl-tel-input": "^2.0.0",
"angular-youtube-mb": "^1.3.1",
"leaflet": "^1.0.2",
"md-data-table": "^2.2.0"
}
Please Suggest If Anyone Faced the similar problem.
I'm not bower expert, but I'm pretty sure that you should use save parameter this way:
bower install angular-material-icons --save
I have the following dependencies in my bower.json file:
{
"name": "aposoft-frontend",
"dependencies": {
"angular-bootstrap": "0.13.0",
"jquery": "~2.1.4",
"bootstrap": "~3.3.5",
"angular-ui-router": "~0.2.15",
"angular-i18n": "~1.4.2",
"angular-local-storage": "~0.2.2",
"angular-http-auth": "~1.2.2",
"angular-bootstrap-show-errors": "~2.3.0",
"angular-xeditable": "~0.1.9",
"pace": "~1.0.2",
"angular-mocks": "~1.4.3",
"angular-ui-validate": "~1.1.1",
"angular-translate-loader-static-files": "~2.7.2",
"quick-ng-repeat": "~0.0.1",
"angular-holderjs": "~1.1.0",
"holderjs": "~2.8.2",
"angular-bootstrap-datetimepicker": "latest"
},
"devDependencies": {}
}
without "angular-bootstrap-datetimepicker": "latest" it works fine but with the dependency "angular-bootstrap-datetimepicker": "latest" I get following ERROR if I will build my frontend:
**[ERROR] bower ECONFLICT Unable to find suitable version for angular**
Does anyone know how I could solve this issue?
Thanks a lot!
Use * in place of latest to install the latest version
I am deploying an AngularJS application to Heroku but am getting this error in the console:
remote: bower ECONFLICT Unable to find suitable version for angular-animate
remote:
remote: ! Push rejected, failed to compile Node.js app
remote:
remote: Verifying deploy....
remote:
remote: ! Push rejected to test-app-12345
The problem (of course) seems to be with the angular-animate dependency.
I am using a Heroku angularJS buildpack "Yo Angular" and have followed their 4 step process for a successful application deployment to Heroku.
I tried fixing this by changing my bower.json file like recommended in this StackOverflow answer, hoping it would solve my issue. It did not.
Locally, I use grunt serve to start the application and that works for me just fine.
My bower.json looks like this:
{
"name": "dashboard",
"version": "0.0.0",
"main": "index.html",
"ignore": [
"**/.*",
"node_modules",
"bower_components"
],
"dependencies": {
"jquery": "~2.0",
"bootstrap": "~3.1.1",
"angular": "~1.3.15",
"angular-ui-router": "~0.2",
"angular-animate": "~1.3.15",
"angular-resource": "~1.3.15",
"angular-cookies": "~1.3.15",
"angular-mocks": "~1.3.15",
"angular-ui-utils": "~0.1",
"angular-bootstrap": "~0.11.2",
"moment": "~2.5",
"less.js": "~1.6",
"font-awesome": "~4.2.0",
"form-builder": "0.1.0",
"restangular": "~1.4.0",
"lodash": "~2.4.1",
"satellizer": "~0.3.2",
"angular-xeditable": "~0.1.8",
"fullcalendar": "~2.1.1",
"angular-ui-calendar": "~0.8.1",
"checklist-model": "~0.1.3"
},
"resolutions": {
"font-awesome": "~4.2.0",
"jquery": "~2.0",
"fullcalendar": "~2.1.1",
"angular": "~1.3.15",
"angular-bootstrap": "~0.11.2"
}
}
The code is public for now, so here is the link to the Github repo.
Anyone have tips for me, or a good idea of what I am doing wrong?
P.S. I found this information in bower's Github issues tracking, which is dealing with the same problem. Might be helpful in figuring this out.
This error occurs when two packages reference different versions of the same dependency.
You can resolve the issue by running rm -rf bower_components/ ; bower install
Then when prompted to choose a version prefix your answer with a "!" like I have below. Notice how bower will add a "resolutions" section.
Unable to find a suitable version for angular-animate, please choose one:
1) angular-animate#~1.2 which resolved to 1.2.28 and is required by form-builder#0.1.0
2) angular-animate#~1.3.15 which resolved to 1.3.17 and is required by dashboard
3) angular-animate#~1.4.3 which resolved to 1.4.3
Prefix the choice with ! to persist it to bower.json
? Answer: !3
Here is your resolved bower.json file.
{
"name": "dashboard",
"version": "0.0.0",
"main": "index.html",
"ignore": [
"**/.*",
"node_modules",
"bower_components"
],
"dependencies": {
"jquery": "~2.0",
"bootstrap": "~3.1.1",
"angular": "~1.3.15",
"angular-ui-router": "~0.2",
"angular-animate": "~1.4.3",
"angular-resource": "~1.3.15",
"angular-cookies": "~1.3.15",
"angular-mocks": "~1.3.15",
"angular-ui-utils": "~0.1",
"angular-bootstrap": "~0.11.2",
"moment": "~2.5",
"less.js": "~1.6",
"font-awesome": "~4.2.0",
"form-builder": "0.1.0",
"restangular": "~1.4.0",
"lodash": "~2.4.1",
"satellizer": "~0.3.2",
"angular-xeditable": "~0.1.8",
"fullcalendar": "~2.1.1",
"angular-ui-calendar": "~0.8.1",
"checklist-model": "~0.1.3"
},
"resolutions": {
"font-awesome": "~4.2.0",
"jquery": "~2.0",
"fullcalendar": "~2.1.1",
"angular": "~1.3.15",
"angular-bootstrap": "~0.11.2",
"angular-animate": "~1.4.3"
}
}
I am new to the mean stack and am trying to add ngSanitize. I installed on the command line and see the library inside /bower_components/ but the angular-sanitize.js script isn't loading on the app. Am I missing a step for this? I tried adding the module to the default modules in /public/init.js but still no luck.
The bower.json file looks correct too:
{ "name": "mean", "version": "0.4.0", "dependencies": {
"jquery": "1.x",
"jquery-ui": "~1.10.3",
"angular": "latest",
"angular-resource": "latest",
"angular-cookies": "latest",
"angular-mocks": "latest",
"angular-route": "latest",
"bootstrap": "3.1.1",
"angular-bootstrap": "0.11.0",
"angular-ui-router": "#master",
"angular-sanitize": "~1.2.22" } }
Make sure ngSanitize is included in your index.html file. Running
bower install
will not do that automatically. Depending on your Gruntfile, running
grunt serve
might add it for you