[React] vulnerability 문제 / error:03000086:digital envelope routines::initialization error

Web Programming

[React] vulnerability 문제 / error:03000086:digital envelope routines::initialization error

효딩 2024. 3. 3. 20:45

79요..?

npm install react-icons를 했는데, 계속해서 이런 식으로 vulnerabilities 경고창이 떴다.

처음엔 6 vulnerabilities 였는데 어느 순간 79가 됐다..

역시 stack overflow

나랑 비슷한 오류가 나는 사람을 찾았다.

https://stackoverflow.com/questions/72489256/6-high-severity-vulnerabilities-in-react-icons-4-4-0

6 high severity vulnerabilities in react-icons 4.4.0

# npm audit report nth-check <2.0.1 Severity: high Inefficient Regular Expression Complexity in nth-check - https://github.com/advisories/GHSA-rp65-9cf3-cjxr fix available via `npm audit fix -...

stackoverflow.com

그리고 댓글에 있는 깃헙을 참조했다.

https://github.com/facebook/create-react-app/issues/11174

Help, `npm audit` says I have a vulnerability in react-scripts! · Issue #11174 · facebook/create-react-app

npm audit is broken for front-end tooling by design Bad news, but it's true. See here for a longer explanation. If you think you found a real vulnerability in react-scripts If you know that it affe...

github.com

여기에 다행히도

However, npm audit is designed for Node apps so it flags issues that can occur when you run actual Node code in production. That is categorically not how Create React App works.

This means that the overwhelming amount of "vulnerability" reports we receive for transitive dependencies are false positives. Despite literally a hundred issues with thousands of comments about npm audit warnings in react-scripts, throughout the years not a single one of them (to the best of our knowledge) has ever been a real vulnerability for CRA users.

This is a huge waste of everyone's time. Mostly of yours, but of ours too.

이렇게 쓰여있었다. 별 문제 없다는 것..!

근데 사실 이걸로 문제 해결은 못 했고

https://stackoverflow.com/questions/74726224/opensslerrorstack-error03000086digital-envelope-routinesinitialization-e

opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ]

opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ], library: 'digital envelope routines', reason: 'unsupported', code: 'ERR_OSSL_EVP_UNSUPPORTED' } I get...

stackoverflow.com

요걸로 해결했다.

계속해서 이런 식으로 오류가 났기 때문에

이게 아마 버전이 충돌해서 생기는 문제인 것 같다.

스택 오버플로우에 나와있는대로

Follow these steps on your terminal in the current app directory:

npm install -g npm-check-updates

Installs the npm-check-updates package globally for doing exactly what its name says.

ncu

This will display the dependencies side-by-side with (an arrow pointing to) their new versions (you are advised to upgrade to) as listed in your package.json file in the current directory.

ncu -u

This updates those new listed versions on your package.json file and prepares your app for the next step (the updates proper).

npm update

npm install

Either of these 2 finally installs the new updates; fixes the problem.

NB: I used

npm install

이렇게 하니 오류 없이 화면이 잘 나오는걸 확인할 수 있었다.